[TriLUG] help! IPsec VPN over SSH?
gregbrown at mindspring.com
gregbrown at mindspring.com
Fri Feb 25 10:37:14 EST 2005
/* mike said
Um, you are aware that IPSec uses protocols 50 and/or 51, right? Not IP
(number 0). I'd be very surprised if there was a proxy that supported
this kind of thing.
*/
GAH! I did forget. It's always something.. in this case protocols vs. ports.
/* mike said
However, there is always more than one way to do it. Check out
Etherpuppet: http://www.cartel-securite.fr/pbiondi/projects/etherpuppet
It will let you essentially create a tunnel between two hosts at an
interface level. Create an Etherpuppet tunnel through SSH from inside
the network to somewhere outside that allows IPSEC, then IPSEC from that
site to wherever your ultimate IPSEC destination is.
Pain in the ass, but it would work. What you are trying to do is (to my
knowledge) not easy.
Mike
*/
If it's hard to do in your knowledge it's going to be a challenge for me.
However, if I manage to get this working I will ascend to hero status with
everyone on this project, which is a good thing.
Time to tinker. Thanks, Mike!
Greg
More information about the TriLUG
mailing list