Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Copy Tos bit (dscp) from cleaer packet to encrypted one with IPSEC RFC2401

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    3 Posts 2 Posters 2.1k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K Offline
      kaneda
      last edited by

      In other line of things, Anyone knows if Pfsense 1.2.3 and 2.0 support Copy diifserv bit (TOS DSCP) from clear packet to encrypted packet on IPSEC vpn tunnels? I think that this is specified on RFC 2401 but not sure If Stable or beta versions of pfsense support this feature.

      Many thanks

      Kaneda

      1 Reply Last reply Reply Quote 0
      • E Offline
        eri--
        last edited by

        It can be done by enabling a sysctl.
        Search aound google and you will find it.

        1 Reply Last reply Reply Quote 0
        • K Offline
          kaneda
          last edited by

          I was looking for it too much time without sucess, many other Firewall systems have this feature avaible by default at devices from Juniper,Cisco or Firtinet hardware vendors and Vyatta or Astaro as software vendors dont know why authors and developers dont put it avaible as a feature without necesitie of make any hack into the SO.

          Please ermal can you tell me how to do it?
          I need to copy Diffserv bit from clear packet to encrypted one (IPSEC tunnels)and reverse.

          If I cant do it, I will have to change firewall distro to vyatta to support VoIP of my Alcatel PBX.
          Many thanks

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.