RE: IPSec passthrough

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



A Helper module would be needed, why not put a single tunnel on the firewall and route them through?? Why does each machine required to have it's own tunnel? I guess you have your own reasons but a single tunnel at the firewall is 1 solution for now..

Thanks,
____________________________________________
George Vieira
Systems Manager
georgev@xxxxxxxxxxxxxxxxxxxxxx

Citadel Computer Systems Pty Ltd
http://www.citadelcomputer.com.au

-----Original Message-----
From: dhiraj.2.bhuyan@xxxxxx [mailto:dhiraj.2.bhuyan@xxxxxx]
Sent: Wednesday, May 28, 2003 1:45 AM
To: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: IPSec passthrough


Dear List,
Does anyone know whether there is patch that will allow kernel 2.4 or
greater to support setting up of multiple IPSec tunnels (passthrough) to the
same destination - ie more than one machine behind the firewall trying to
set up IPSec tunnel to the "same" remote host? When I was testing kernel
2.4.20 for passthrough capability a few months back, there was no patch that
would allow me to do that (single passthorough worked fine). I presume this
has something to do with writing a conntrack IPSec helper?
Regards,
Dhiraj Bhuyan
BTexact




[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux