Date: Thu, 18 Mar 1999 14:04:26 -0800 (PST) From: Archie Cobbs <archie@whistle.com> To: henrich@flnet.com (Charles Henrich) Cc: freebsd-net@freebsd.org Subject: Re: SKIP on 3.1 Message-ID: <199903182204.OAA94934@bubba.whistle.com> In-Reply-To: <19990318135512.B15602@orbit.flnet.com> from Charles Henrich at "Mar 18, 99 01:55:12 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Charles Henrich writes: > Im attempting to build a skip tunnel between two machiens that are tunning > IPFW+NAT ... So basically in pictures: > > > 10.x <---> [IPFW+NAT] <---> The Internet <--> [IPFW+NAT] <---> 10.x > > I want to build a VPN between the two 10 networks... Any suggestions, points > hints, RTFM's (which M? :) etc? Thanks! > > ===== > > My problem is I cant see how to create a VPN link between the two 10 networks > without going through the NAT translation, which would totally break the VPN > software. Any ideas? Don't use NAT at all, just do SKIP in tunnel mode and use the -f flag to skiphost to make sure the source address for your packets is the routable address and not the 10.x address. If you *also* want address translation for the 10.x nets to reach the outside world, this is do-able but takes some care (I've never done it myself). See the notes in README.FreeBSD. -Archie ___________________________________________________________________________ Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199903182204.OAA94934>