[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

ipsec and transparent bridge firewall

To: misc <misc@openbsd.org>
Subject: ipsec and transparent bridge firewall
From: Andreas Schuldei <andreas@schuldei.org>
Date: Tue, 3 Apr 2001 15:33:32 +0200
Content-Disposition: inline
Mail-Followup-To: misc <misc@openbsd.org>
User-Agent: Mutt/1.3.12i

what is needed to let isakmpd and ipsec through a transparent
bridging firewall?

what do I miss:

pass in quick on ep1
pass out quick on ep1
 
pass in quick on ep2 proto encap all
pass in quick on ep2 proto tcp/udp all keep state
pass in quick on ep2 proto icmp all keep state
block in quick on ep2
 
 
pass in quick on ep3 proto encap from any to 195.198.203.112/29
pass in quick on ep3 proto tcp from any to 195.198.203.112/29 port = 22 flags S keep state
pass in quick on ep3 proto tcp from any to 195.198.203.112/29 port = 500 flags S keep state
block in quick on ep3

Follow-Ups:
- Re: ipsec and transparent bridge firewall
  - From: Andreas Schuldei <andreas@schuldei.org>

Prev by Date: [patch] .ident support for identd
Next by Date: Re: Problems with JDK on Openbsd 2.8
Prev by thread: [patch] .ident support for identd
Next by thread: Re: ipsec and transparent bridge firewall
Index(es):
- Date
- Thread