IPSec, is it possible?
MK
public at kubikcz.net
Sat Oct 7 13:33:33 PDT 2006
Firstly, thank you for your reply..
> In this case, no worry about NAT, and IPsec, since no NAT is involved
> somewhere in the tunnel, which ends at the gateway. Anyway, even if it
> was, isakmpd can do NAT-traversal since 3.6
> [http://www.openbsd.org/36.html].
>
> Since you do not give us information about your computer, I won't
> suggest any particular product, but I'd suggest two technos : IPsec, and
> SSL VPNs.
I have Windows XP SP2 installed, IPsec should not be problem.
>
>> I can not use IP address of intranet OpenBSD interface because the
>> traffic
>> will be directed to the internet hence this rule will not take place and
>> encrypt my traffic. Maybe I could use some proxy on OpenBSD but I wanted
>> to
>> avoid similar solution.
>
> Don't understand what you mean.
I was considered following situation. Let's say that interface on OpenBSD
gateway which leads to LAN has IP address 192.168.0.1 and my PC has
192.168.0.2. For my PC is gateway on 192.168.0.1 and if I create IPsec
tunnel between 192.168.0.1 and 192.168.0.2 only the traffic between these
two points will be encrypted at least I think. In case I will want to access
the internet from my PC the destination won't be address 192.168.0.1 but IP
of the server placed in internet.
In this case the traffic will not be encrypted, am I right or am I still
missing something. My questions are maybe a little bit stupid but I'm not
experienced with IPsec very much.
>
>
> HTH.
Thanks MK
More information about the Openbsd-newbies
mailing list