Date: Wed, 23 Jun 2010 10:58:31 +0200 From: VANHULLEBUS Yvan <vanhu@FreeBSD.org> To: ralf@dzie-ciuch.pl Cc: freebsd-net@freebsd.org Subject: Re: vpn trouble Message-ID: <20100623085831.GA74559@zeninc.net> In-Reply-To: <dd3c900149350c5a4cb20b50d8f84741@ewipo.pl> References: <20100622201130.5824d585@gda-arsenic> <20100622182242.GU2620@verio.net> <20100622204107.6c604c17@gda-arsenic> <e0ec3f73645a733f318ba5664abf6472@ewipo.pl> <20100623080555.GB74303@zeninc.net> <5e8d1141ecf3d922c00114e41585a67f@ewipo.pl> <20100623083228.GA74453@zeninc.net> <a5c9ad94743d6f4d709ce181fb5b1894@ewipo.pl> <20100623084519.GA74491@zeninc.net> <dd3c900149350c5a4cb20b50d8f84741@ewipo.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Jun 23, 2010 at 10:52:19AM +0200, ralf@dzie-ciuch.pl wrote: [....] > When on one console i type tcpdump -i gif0 I don't receive any values! > So I thing I should set route do it right? > > Can you tell me how to do it? > > netstat -rn print something like this: > Destination Gateway Flags Refs Use Netif Expire > default 78.x.x.x UGS 3 49544466 bce1 > 10.10.1.90 10.20.0.1 UH 2238 13439 gif0 > > Is it ok? or I do something wrong? Check with your peer's configuration, but using such extra IP-IP encapsulation (via gif interfaces on FreeBSD) is NOT the usual way of setting up IPsec tunnels.... If your peer expects usual IPsec setups, you should just have SPD entries as specified in your very first mails. Yvan.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20100623085831.GA74559>