H all, I have two prodction servers with FreeBSD 5.4 (all security patches are applied). They running some services like dns, ssh, http, ftp, etc. But I woukd like to encrypt some services for some hosts with ipsec when it is accessed. For example: - DNS resolution: not encrypted. - DNS replication master-slave: encrypted by ipsec. - Telnet: encrypted by ipsec for some hosts. Deny for the rest. - SSH: not encrypted for some hosts, encryted by ipsec for the rest. - FTP: encrypted by ipsec. - HTTP: encrypted by ipsec. is it possible to encrypt only certains services under ipsec tunnel?? Thank you for your help. -- CL Martinez carlopmart {at} gmail {d0t} com