Date:      Tue, 25 Nov 2003 22:09:10 +0000
From:      "Amin Abdul" <amin_abdul@hotmail.com>
To:        freebsd-questions@freebsd.org
Subject:   VPN(touch-ID)/gif0/Dynamic Routing Issue
Message-ID:  <BAY9-F38hbpaLGSWa530001a177@hotmail.com>

Hello,

I have a few questions regarding dynamic routing (i.e. routed) and the gif0
interface.

I went through the following documents:
http://www.freebsd.org/handbook/ipsec.html
http://asherah.dyndns.org/~josh/ipsec-howto.txt
and followed these steps:

1. Configure the gif0 interface using the
www.freebsd.org/handbook/ipsec.html diagram as reference; it works fine
(tested by ping).

2. Configure IPsec in transport mode (since I am interested in forwarding
dynamic routing information over a point-2-point VPN) using the
draft-touch-ipsec-vpn approach, i.e. the IPsec policy:
spdadd A.B.C.D W.X.Y.Z any -P out ipsec esp/transport//use;
spdadd W.X.Y.Z A.B.C.D any -P in ipsec esp/transport//use;
It works fine (ping test).

3. Now I start "routed" with the "-s" option; I never saw any routing
information flow through the VPN (tcpdump).

4. So I disabled IPsec and tried again, but I still saw no routing
information over the VPN (tcpdump).

5. So I disabled the gif0 interface as well, and I saw the RIP packets
exchanged between the two FreeBSD machines.

Summary:
1. routed works fine without gif0 interface.
2. VPN works fine without routed.

Question:
Now my questions are:
1. Is there any incompatibility (or known bug) between routed and the gif0
interface (I am using FreeBSD 4.8 Release)?

2. Is there any FreeBSD document which describes how to configure gif0 and
routed together?

Thanks,
Amin
