From owner-freebsd-questions@FreeBSD.ORG  Sat May 21 21:59:26 2011
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id B95571065673
	for <freebsd-questions@freebsd.org>;
	Sat, 21 May 2011 21:59:26 +0000 (UTC)
	(envelope-from jhall@socket.net)
Received: from mf1.socket.net (mf1.socket.net [216.106.88.38])
	by mx1.freebsd.org (Postfix) with ESMTP id 9D53A8FC12
	for <freebsd-questions@freebsd.org>;
	Sat, 21 May 2011 21:59:26 +0000 (UTC)
Received: from localhost (unknown [216.106.88.17])
	by mf1.socket.net (Postfix) with SMTP id DDA874040A;
	Sat, 21 May 2011 16:59:25 -0500 (CDT)
To: claudiu.vasadi@gmail.com, freebsd-questions@freebsd.org
From: jhall@socket.net
X-Apparently-from: jhall@mail.socket.net
X-Remote-Host: 216.106.31.249
User-Agent: Socket WebMail
References: <20110521143347.215E2106564A@hub.freebsd.org>
	<BANLkTi=TeH5jd6hbdX4KasosPR0mUYBrhQ@mail.gmail.com>
Date: Sat, 21 May 2011 16:59:25 -0500
Content-Type: text/plain;
  charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
Message-Id: <20110521215926.B95571065673@hub.freebsd.org>
Cc: 
Subject: Re: Re: IPSec routing (long post) 
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: jhall@socket.net
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 21 May 2011 21:59:26 -0000

----------------------------------------------------
>From : claudiu vasadi <claudiu.vasadi@gmail.com>
To : jhall@socket.net
Subject : Re: IPSec routing (long post)
Date : Sat, 21 May 2011 18:45:07 +0200
  Some additional points:
> - have you been following the FreeBSD handbook on this ? ->
> http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/ipsec.html
> - pls post your ifconfig  interface settings
> - you can use "tcpdump" to sniff traffic off of your "real" network
> interface (tcpdump (-v) -i <interface> host <vendor_ext_IP> and dst
> <local_ext_IP>)
> - do you have "options IPSEC" and "device crypto" in your kernel ?

My understanding is the handbook was using tunnel mode to connect the 
networks, and I am using transport mode.  Are these the same, and I am 
misunderstanding what I am reading. 

Jay