Re: Multiple IPSEC VPNs through a firewall based on 2.4.2X kernel

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Tom Eastep <teastep@shorewall.net>
Cc: Thomas Kirk <thomas@arkena.com>, netfilter@lists.netfilter.org
Subject: Re: Multiple IPSEC VPNs through a firewall based on 2.4.2X kernel
Date: Thu, 26 Aug 2004 07:14:39 -0700	[thread overview]
Message-ID: <412DF04F.4030904@shorewall.net> (raw)
In-Reply-To: <1093516765.2021.8.camel@localhost>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

John A. Sullivan III wrote:

|
| I do like the way in which *swan uses a separate interface for IPSec
| traffic.  This makes it simple to identify the VPN traffic in iptables
| although it is not impossible to do so with the kernel IPSec.
|
|

The 'policy' match feature in Patch-O-Matic allows you to differentiate
the VPN traffic. You also need to install the ipsec-netfilter patches to
ensure that VPN traffic is passed properly through the various netfilter
builtin chains.

- -Tom
- --
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFBLfBPO/MAbZfjDLIRAgTIAKCUoKABy8qboj/YdNpgQy7zOrH8zwCePHKX
qUwyxq6xUNPGSaI2TGKGW0U=
=6vBN
-----END PGP SIGNATURE-----

next prev parent reply	other threads:[~2004-08-26 14:14 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-08-24  5:11 Multiple IPSEC VPNs through a firewall based on 2.4.2X kernel Roksana Boreli
2004-08-24  5:46 ` Ming-Ching Tiew
2004-08-24  7:32   ` Payal Rathod
2004-08-24  7:50     ` Ming-Ching Tiew
2004-08-24  8:53       ` bridge + transparent proxy ArioS
2004-08-24  9:31 ` Multiple IPSEC VPNs through a firewall based on 2.4.2X kernel John A. Sullivan III
2004-08-26  9:13   ` Thomas Kirk
2004-08-26 10:39     ` John A. Sullivan III
2004-08-26 14:14       ` Tom Eastep [this message]
  -- strict thread matches above, loose matches on Subject: below --
2004-08-24 11:56 Jason Opperisano
2004-08-25  7:24 Roksana Boreli
2004-08-25 11:29 ` John A. Sullivan III
2004-08-25 11:44 Jason Opperisano

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=412DF04F.4030904@shorewall.net \
    --to=teastep@shorewall.net \
    --cc=netfilter@lists.netfilter.org \
    --cc=thomas@arkena.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.