/* mike said Um, you are aware that IPSec uses protocols 50 and/or 51, right? Not IP (number 0). I'd be very surprised if there was a proxy that supported this kind of thing. */
GAH! I did forget. It's always something.. in this case protocols vs. ports. /* mike said However, there is always more than one way to do it. Check out Etherpuppet: http://www.cartel-securite.fr/pbiondi/projects/etherpuppet It will let you essentially create a tunnel between two hosts at an interface level. Create an Etherpuppet tunnel through SSH from inside the network to somewhere outside that allows IPSEC, then IPSEC from that site to wherever your ultimate IPSEC destination is. Pain in the ass, but it would work. What you are trying to do is (to my knowledge) not easy. Mike */ If it's hard to do in your knowledge it's going to be a challenge for me. However, if I manage to get this working I will ascend to hero status with everyone on this project, which is a good thing. Time to tinker. Thanks, Mike! Greg -- TriLUG mailing list : http://www.trilug.org/mailman/listinfo/trilug TriLUG Organizational FAQ : http://trilug.org/faq/ TriLUG Member Services FAQ : http://members.trilug.org/services_faq/ TriLUG PGP Keyring : http://trilug.org/~chrish/trilug.asc
