Date: Mon, 20 Mar 2000 08:31:22 +0000 (GMT) From: Didier Derny <didier@omnix.net> To: Mike Tancsa <mike@sentex.ca> Cc: questions@freebsd.org Subject: Re: ipsec, gif tunneling etc... Message-ID: <Pine.BSF.3.96.1000320081801.17167B-100000@omnix.net> In-Reply-To: <3.0.5.32.20000317164753.00bcda60@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
it's possible to use gifconfig to build a tunnel between two machine but it's not recommended with ipv4 if I can remember what I've done machine A is on the real network address 192.168.0.1 machine A has the private address 10.0.0.1 machine B is on the real network address 192.168.1.1 machine B has the private address 10.0.0.2 after the tunnel is established A(10.0.0.1) <--- talks to ---> B(10.0.0.1) to link two machine on internet. Machine A gifconfig gif0 192.168.0.1 192.168.1.1 ifconfig gif0 inet 10.0.0.1 10.0.0.2 netmask 255.255.255.255 Machine B gifconfig gif0 192.168.1.1 192.168.0.1 ifconfig gif0 inet 10.0.0.2 10.0.0.1 netmask 255.255.255.255 if you do a traceroute from A to B with the real address (192.168.1.1) you will see all the hops on the way from A to B if you do a traceroute from A to B with the internal address (10.0.0.2) you can't see all the hops on the way from A to B beware that alls this is quite confusing. Test it thorougly before using it on real servers. -- Didier Derny didier@omnix.net On Fri, 17 Mar 2000, Mike Tancsa wrote: > > Apart from the KAME page, and the ipsec man page, and the > /usr/share/examples/IPv6 docs, does anyone have any other handy dandy > documentation ? > > I am trying to setup an IPv4 ipsec tunnel between two hosts and am not > having much luck :-( > > On machine A, I have lets say 172.1.1.1 and on machine B 10.10.10.1, > assigned to the ethernet adaptors on the respective machines. Its not > clear to me when its stated > > Use "gifconfig" to assign physical (outer) source and destination address > to gif interfaces." > > Any pointers (additional references) would be much appricated. > > ---Mike > ------------------------------------------------------------------------ > Mike Tancsa, tel +1 519 651 3400 > Network Administrator, mike@sentex.net > Sentex Communications www.sentex.net > Cambridge, Ontario Canada > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.1000320081801.17167B-100000>