Date: Fri, 22 Nov 2002 15:02:34 -0000 From: "local.freebsd.stable" <freebsd-stable-local@insignia.com> To: "'freebsd-stable@freebsd.org'" <freebsd-stable@freebsd.org> Subject: Re: IPsec/gif VPN tunnel packets on wrong NIC in ipfw? SOLUTION A ND QUESTIONS Message-ID: <2F03DF3DDE57D411AFF4009027B8C3670289D55D@exchange-uk.isltd.insignia.com>
next in thread | raw e-mail | index | archive | help
On Thu, 21 Nov 2002 08:37:41 -0000, freebsd-stable-21nov02@oldach.net (Helge Oldach) wrote: >Essentially because you don't need to use a gif interface at all if >you implement ESP tunnel mode. The only purpose for gif is to get the >routing straight, which is: You have a route to the remote inside >network via the gif interface, and you have a "public" route via the >real interface. > >You can as well implement this by placing the internal route to an IP >address which has a static ARP entry with the MAC address of the public >default gateway. Been there, it works. Could you elucidate? I've seen people say something like this before but never been able to work out what to do to configure it. I am using a gif interface for precisely the purpose you state, and it would be good to know how to do it without it. jim To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2F03DF3DDE57D411AFF4009027B8C3670289D55D>