Home page logo

firewall-wizards logo Firewall Wizards mailing list archives

OpenBSD IPSEC VPN question
From: David Lang <david () lang hm>
Date: Mon, 29 Apr 2013 04:39:04 -0700 (PDT)

I'm seeing some odd reports on the rsyslog mailing list where someone is climing that when using an IPSEC VPN on OpenBSD they have to explicitly set the source IP address for all connections out from the firewall (tunnel endpoint) or else the connection won't go through the tunnel. The person reporting this is proposing modifications to rsyslog to have it force the local IP address for outbound connections as a work-around for this problem

This sounds very wrong to me, but can anyone speak up who knows this OS?

It seems to me that a VPN that requires all applications to be modified to set the outbound source IP before the VPN will be used is a very broken VPN. This does not mesh well with the reputation that OpenBSD has.

David Lang
firewall-wizards mailing list
firewall-wizards () listserv icsalabs com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]