Date: Thu, 18 Mar 1999 17:37:10 -0500 From: Kurt Seel <kseel@utcorp.com> To: freebsd-net@FreeBSD.ORG Subject: Re: SKIP on 3.1 Message-ID: <36F18016.5BA99C21@utcorp.com> References: <199903182204.OAA94934@bubba.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Archie Cobbs wrote: > Charles Henrich writes: > > Im attempting to build a skip tunnel between two machiens that are tunning > > IPFW+NAT ... So basically in pictures: > > > > > > 10.x <---> [IPFW+NAT] <---> The Internet <--> [IPFW+NAT] <---> 10.x > > > > I want to build a VPN between the two 10 networks... Any suggestions, points > > hints, RTFM's (which M? :) etc? Thanks! > > > > ===== > > > > My problem is I cant see how to create a VPN link between the two 10 networks > > without going through the NAT translation, which would totally break the VPN > > software. Any ideas? > > Don't use NAT at all, just do SKIP in tunnel mode and use the -f > flag to skiphost to make sure the source address for your packets > is the routable address and not the 10.x address. > > If you *also* want address translation for the 10.x nets to reach > the outside world, this is do-able but takes some care (I've never I used iptunnel (with skip) to accoplish this after it became appearent that the level of 'care' needed was beyond my fuzzy little brain. The only caveat for is that I can't talk to the far 10.x net from one of the routers :-( If you want the configs, contact me off-list. > > done it myself). See the notes in README.FreeBSD. > > -Archie > > ___________________________________________________________________________ > Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-net" in the body of the message -- "They that can give up essential liberty to obtain a little temporary safety deserve neither liberty nor safety." -- Benjamin Franklin, 1759 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?36F18016.5BA99C21>