[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] IPSec VPN?

"Joseph A. Knapka" wrote:

> I'm not sure if this is actually going to work, but I can't see why
> it won't. Of course, you can't masquerade IPsec packets, because the
> firewall doesn't know how to compute the checksums appropriately,
> since they're encrypted with a key the masq firewall doesn't know (I
> think), but forwarding packets without masqerading them should not
> cause any trouble. I'll let you know how it goes.

Actually, there are modules to permit you to deal with ipsec.  I
currently have two different vpn solutions for work, one is pptp, the
other ipsec.  Both are connecting to corporate networks through my
masq/nat firewall setup.  Both work fine.

If you read the firewall, ipsec and vpn howtos, you can set this up. 
I'd be glad to share my ipchains that do the ipsec and or pptp stuff
with anyone that is interested.  You'll need the mods too though.

> -- Joe
> -- Joseph A. Knapka
> "If I ever get reincarnated... let me make certain I don't come back
>  as a paperclip." -- protagonist, H Murakami's "Hard-boiled Wonderland"
> // Linux MM Documentation in progress:
> // http://home.earthlink.net/~jknapka/linux-mm/vmoutline.html
> * Evolution is an "unproven theory" in the same sense that gravity is. *
> --
> To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

Until later: Geoffrey		esoteric at denali.atlnet.com

"Great spirits have always found violent opposition from mediocre minds.
latter cannot understand it when a man does not thoughtlessly submit to
hereditary prejudices but honestly and courageously uses his
- Albert Einstein
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.