I can use AH/ESP however since I am using a satellite link thru a modem/hub(NOC) that fiddles around with packets in order to optimize them , I can't encrypt the headers otherwise the optimizer can't see inside the packets and therefore can't see the headers , so no optimization is done ,and I end up with a 33,6Kbps like speed for the VPN , which is useless (at best 56Kbps).
SKIP seems like a goes solution, I am going to look at it and see what it does. On Tue, 18 Jun 2002 08:00:10 -0700 Lars Eggert <[EMAIL PROTECTED]> wrote: > Louis A. Mamakos wrote: > >> > >>Could someone tell me if there is a way to build a VPN(like) tunnel from > >>a FreeBSD machine acting as a VPN gateway to another machine acting as > >>another VPN gateway using normal IP packets that have only their data > >>payload encrypted. Of course there would have to be a way to setup the > >>tunnel and still retain the network addressing of each side of the VPN > > > > > > Look at vtun in /usr/ports/net/vtun to see if this can address your > > problem. I use it over a (cable modem) network that seems to > > filter IPSEC traffic. > > Too bad you can't use IPsec, this seems like the perfect scenario for it. > > I've also used vtun in such a scenario, and can second that it'll work > UNLESS you need your tunnel to go through a NAT box - vtun uses the > client's IP address during its authentication handshake (which is dumb, > since stronger shared secrets need be in place anyway.) > > Archie's daemonnews article has an example of how to do UDP tunneling > with netgraph, which nets about a 2x performance improvement over vtun > (without encryption, haven't figured out how tie in ng_mppc). > > Lars > -- > Lars Eggert <[EMAIL PROTECTED]> USC Information Sciences Institute > -- =============================================================== Christophe Prevotaux Email: [EMAIL PROTECTED] HEXANET SARL URL: http://www.hexanet.fr/ Z.A.C Les Charmilles Tel: +33 (0)3 26 79 30 05 3 Allée Thierry Sabine Direct: +33 (0)3 26 61 77 72 BP202 Fax: +33 (0)3 26 79 30 06 51686 Reims Cedex 2 FRANCE HEXANET Network Operation Center =============================================================== To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-net" in the body of the message