From owner-freebsd-security Mon Jan 7 10:49:26 2002 Delivered-To: freebsd-security@freebsd.org Received: from gradient.cis.upenn.edu (GRADIENT.CIS.UPENN.EDU [158.130.67.48]) by hub.freebsd.org (Postfix) with ESMTP id 5632337B402 for ; Mon, 7 Jan 2002 10:49:22 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by gradient.cis.upenn.edu (8.10.1/8.10.1) with ESMTP id g07InKr16419 for ; Mon, 7 Jan 2002 13:49:20 -0500 (EST) Date: Mon, 7 Jan 2002 13:49:19 -0500 (EST) From: Alwyn Goodloe To: Subject: ipsec setup question Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi folks, I am trying to set up an IPV4 over IPV4 tunnel on a testbed of four systems I have setup for research. Because its research my configuration is probably a bit different than most of you would run in practice. The first test would have a tunnel bewteen the two ends of the network. (You can think of this as the client and server both acting as gateways with two routers in between). From the somewhat limited documentation I did the following: gifconfig gif0 inet 192.168.1.3 192.168.5.12 ifconfig gif0 inet 192.168.1.3 192.168.5.12 route add -net 192.168.5.12 -interface gif0 Unfortunately I get the error message: error_message=/kernel:gif_out:recursively called too many times Anyone got any ideas?? Also I would like to nest tunnels and by that I mean say have an end to end tunnel with ESP but have each intermediate router (there are two of them) check AH headers on the packet. Anyone see any problems with this. Alwyn Goodloe agoodloe@gradient.cis.upenn.edu To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message