Date: Fri, 30 Aug 2002 10:55:46 +0200 From: Heinrich Rebehn <rebehn@ant.uni-bremen.de> To: neal@nelson.name Cc: freebsd-questions@freebsd.org Subject: Re: IPSec on a wireless AP Message-ID: <3D6F3312.6020304@ant.uni-bremen.de> References: <20020830071131.GK484@server>
next in thread | previous in thread | raw e-mail | index | archive | help
Neal Nelson wrote: > I'm trying to set up IPSec between my access point (FreeBSD with > wireless in HostAP mode) and laptop. > > I'm using transport mode and things work OK between the laptop and AP. > All is encrypted and working OK. When I ping another node on my network, > everything is in the clear (I'm using tcpdump on the wireless interface). > > I assumed that since my AP is my gateway for my laptop, all packets > would obviously have to be sent there first and therefore encrypted. > This does not seem to be so. > > Does anyone know how I can encrypt all data between my laptop and AP > using IPSec? > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > Hi Neal, examine the routes on your laptop. I had the same problem the oter day. Since my IPsec gateway was on the same subnet as my laptop, there was not only the route 0.0.0.0 -> x.x.x.gateway but also a route to x.x.x.0 -> <local interface> so every packet on a machine on x.x.x.0 other than the gateway was sent directly and thus in cleartext. HTH Heinrich -- Heinrich Rebehn University of Bremen Physics / Electrical and Electronics Engineering - Department of Telecommunications - E-mail: mailto:rebehn@ant.uni-bremen.de Phone : +49/421/218-4664 Fax : -3341 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3D6F3312.6020304>