From owner-freebsd-questions@freebsd.org  Mon Jul 13 17:24:06 2020
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.nyi.freebsd.org (Postfix) with ESMTP id 4DBB936AF8F
 for <freebsd-questions@mailman.nyi.freebsd.org>;
 Mon, 13 Jul 2020 17:24:06 +0000 (UTC)
 (envelope-from dave.mehler@gmail.com)
Received: from mail-il1-x12e.google.com (mail-il1-x12e.google.com
 [IPv6:2607:f8b0:4864:20::12e])
 (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
 client-signature RSA-PSS (2048 bits) client-digest SHA256)
 (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4B59VY4Vfxz4FvY
 for <freebsd-questions@freebsd.org>; Mon, 13 Jul 2020 17:24:05 +0000 (UTC)
 (envelope-from dave.mehler@gmail.com)
Received: by mail-il1-x12e.google.com with SMTP id i18so11865908ilk.10
 for <freebsd-questions@freebsd.org>; Mon, 13 Jul 2020 10:24:05 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=mime-version:from:date:message-id:subject:to;
 bh=ulJzUsWDSIPbWwxKj3gyyZMH0N59beHfVUrZomxWwKU=;
 b=QBRjSV06hrvkL0pAdtXjerrgvW8T8NkMlPnQIZJJoeM8I/ZNG2gqTzXr9oJbCG25JV
 DhqYKWka8i6kF3bj8t+0mfPoTubwA4vmeVGQRLHWsjYKED5gwQpKebjd7Od61PKIm9KO
 lwVsMAh+ftXYEC8j4PALnMVQUlhX+IneUdoUN9zArFwgNci0OV4QlhE95x7r9+gWeWq8
 D1lms2XHqbAKnAKECiJZcLYqR/voc/3NgD6fc8xvUiHD/9GcxsqzRHLaj9Rn+ZWYfnt+
 HW8ymvB9qsznRNvxtOvExPDnETG+MBiZJpceBSqBaMgszqmkl9Xp4WVMOIy2nr0PTH0m
 vFUw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
 bh=ulJzUsWDSIPbWwxKj3gyyZMH0N59beHfVUrZomxWwKU=;
 b=TMFnO/AQwQSKpxHFxw0TlAX/8CmhJ37TbGZ8HWC615iBLvtK83oMSJHkgf5UrJvrPd
 HR0HJIn1RmrXbNC4rJRAI3L7wP2i15vXye/ovs/mrwCc6pVp0TBn6GRNHPHQPZZCMaBK
 4HbZtMTvGb1Ja7ISwN+iPoEY8ZHUoKJcyDbCDWwRKcbBJ03N1PRlkVRrn4UnjPivwvei
 xpoLABVtTJzbnSbKJ133prASrUGnTN/2Gf+UfB4tkTyDGWlVvnQpZTpiKJ6E6LPOhr0i
 L+hMiDnyn22qog8tNmqGW3U+J5g7T3IswmELUGOVF6JeYfeff+CEJln4uHZRqrRapt8m
 ZWLw==
X-Gm-Message-State: AOAM531pSjh4hoQ+wBcsm8YypOYi+9psxdDj4e2cCPk7nbaX1muncImC
 910pOPvW0pGcsEtMAdYBHgs2qq01iD4J/bbSkuhchWSz
X-Google-Smtp-Source: ABdhPJzsrbmJz3Ab/mUYyNBdpg3X/xH8XNxZoJL4BGJLvue4m0zmLnN20mFmG+7RZu8FN0MAeS94Q3FhKAU0CGCYtJk=
X-Received: by 2002:a92:c525:: with SMTP id m5mr741880ili.67.1594661044253;
 Mon, 13 Jul 2020 10:24:04 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a4f:3b52:0:0:0:0:0 with HTTP; Mon, 13 Jul 2020 10:24:03
 -0700 (PDT)
From: David Mehler <dave.mehler@gmail.com>
Date: Mon, 13 Jul 2020 13:24:03 -0400
Message-ID: <CAPORhP6-P6VJS3HKoXXhmvLhQczhGdH5vYA7LXd_HKv-bgdUzw@mail.gmail.com>
Subject: FreeBSD, IPSec, with remote client setup
To: freebsd-questions@freebsd.org
Content-Type: text/plain; charset="UTF-8"
X-Rspamd-Queue-Id: 4B59VY4Vfxz4FvY
X-Spamd-Bar: ---
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=gmail.com header.s=20161025 header.b=QBRjSV06;
 dmarc=pass (policy=none) header.from=gmail.com;
 spf=pass (mx1.freebsd.org: domain of davemehler@gmail.com designates
 2607:f8b0:4864:20::12e as permitted sender)
 smtp.mailfrom=davemehler@gmail.com
X-Spamd-Result: default: False [-3.30 / 15.00];
 DWL_DNSWL_NONE(0.00)[gmail.com:dkim]; ARC_NA(0.00)[];
 R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025];
 NEURAL_HAM_MEDIUM(-0.88)[-0.885]; FROM_HAS_DN(0.00)[];
 FREEMAIL_FROM(0.00)[gmail.com]; TO_MATCH_ENVRCPT_ALL(0.00)[];
 MIME_GOOD(-0.10)[text/plain];
 PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org];
 TO_DN_NONE(0.00)[]; RCPT_COUNT_ONE(0.00)[1];
 NEURAL_HAM_LONG(-0.99)[-0.989];
 R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36];
 DKIM_TRACE(0.00)[gmail.com:+];
 DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
 RCVD_IN_DNSWL_NONE(0.00)[2607:f8b0:4864:20::12e:from];
 NEURAL_HAM_SHORT(-0.42)[-0.421]; FROM_EQ_ENVFROM(0.00)[];
 MIME_TRACE(0.00)[0:+]; FREEMAIL_ENVFROM(0.00)[gmail.com];
 ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US];
 TAGGED_FROM(0.00)[]; RCVD_TLS_ALL(0.00)[];
 RCVD_COUNT_TWO(0.00)[2]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.33
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Jul 2020 17:24:06 -0000

Hello,

I'm using FreeBSD 12.1 with a jail i'd like to use IPSec on, both IPv4
and IPv6. My goal is to allow remote clients to connect securely to
the server. Anyone have anything on this?

Thanks.
Dave.