Date: Fri, 28 Sep 2001 09:57:00 -0700 (PDT) From: Julian Elischer <julian@elischer.org> To: Rasputin <rasputin@submonkey.net> Cc: freebsd-net@freebsd.org Subject: Re: IPSec basics Message-ID: <Pine.BSF.4.21.0109280955540.71138-100000@InterJet.elischer.org> In-Reply-To: <20010928105322.A494@shikima.mine.nu>
next in thread | previous in thread | raw e-mail | index | archive | help
how does a freebsd machine pose as an airport? That requires you run special AP firmware on the card. On Fri, 28 Sep 2001, Rasputin wrote: > > Hi there, > > I'm about to try to set IPSec over a wireless link (as WEP can't be trusted), > and just wanted to check I have the concepts straight in my head. > > One end is an iBook which connects to the Net via a FreeBSD > gateway, posing as an Airport. > > The FreeBSD box runs ipf and ipnat. > The iBook will be using PGPDesktopSecurity, since that's the > only IPSec client for OS9 I know of. > > All I want to do is encrypt traffic over the wireless, > and use it for authentication as well. > > This is a pure IPv4 setup ,and all I *think* I need is > transport mode. > > I hear IPSec doesn't grok NAT, but I'm hoping this is referring > to tunnel mode (i.e. VPNs). > > Just wanted to check that would work. > > Also, will the ruleset on the firewall need changing, or > is IPsec handled before the packets hit the firewall? > > If changes are needed, a tutorial would be very useful. > > Thnaks a lot. > -- > "Hey! Who took the cork off my lunch??!" > -- W. C. Fields > Rasputin :: Jack of All Trades - Master of Nuns :: > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0109280955540.71138-100000>