Date: Wed, 22 Oct 2003 12:34:46 -0000 From: Eric Anderson <anderson@centtech.com> To: Jim Hatfield <subscriber@insignia.com> Cc: freebsd-security@freebsd.org Subject: Re: IPSec VPNs: to gif or not to gif Message-ID: <3F967956.5060307@centtech.com> In-Reply-To: <u0qcpv0csl3lb1p6a8aioe7qjqjtvd6th9@4ax.com> References: <u0qcpv0csl3lb1p6a8aioe7qjqjtvd6th9@4ax.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Jim Hatfield wrote: >I will shortly be replacing a couple of proprietary VPN boxes >with a FreeBSD solution. Section 10.10 of the Handbook has a >detailed description of how to do this. > >However I remember a lot of discussion about a year ago about >whether the gif interface was necessary to set up VPNs like >this or whether it was just a convenience, for "getting the >routing right". A number of people said that gif was not >needed but I've never found a step-by-step description of how >to set up a lan-to-lan VPN without using it. > I use gif interfaces for my VPN's, and it works extremely well. The only other solution I think I would even try, is mpd, but that uses a much weaker protocol from what I know (PPTP). It's so easy to use gif, I'm not sure why you wouldn't. Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology All generalizations are false, including this one. ------------------------------------------------------------------
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3F967956.5060307>