From owner-freebsd-questions  Thu Nov  9 14:49:18 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from greencreek.kappaisle.com (24.65.73.235.on.wave.home.com [24.65.73.235])
	by hub.freebsd.org (Postfix) with ESMTP
	id 5B67337B4C5; Thu,  9 Nov 2000 14:49:08 -0800 (PST)
Received: from localhost (mikey@localhost)
	by greencreek.kappaisle.com (8.9.3/8.9.3) with ESMTP id SAA49737;
	Thu, 9 Nov 2000 18:05:34 -0500 (EST)
	(envelope-from mikey@kappaisle.com)
Date: Thu, 9 Nov 2000 18:05:34 -0500 (EST)
From: Mike <mikey@kappaisle.com>
To: Julian Elischer <julian@elischer.org>
Cc: freebsd-questions@freebsd.org, freebsd-net@freebsd.org
Subject: Re: VPN over PPPoE
In-Reply-To: <3A0B2436.EEC5188D@elischer.org>
Message-ID: <Pine.BSF.4.21.0011091746300.49706-100000@greencreek.kappaisle.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Julian,

I'm pretty sure that we can safely leave the T1 lines out of the
equation since both T1s go to the same ISP from different locations.
I suspect the problem is on the PPPoE (running Netgraph PPPoE) side
because none of the IPSec packets actually go out from the tun0 device
when I sniff the network.

The PPPoE alone works fine and dandy, and I have set the MTU to 1492 for
tun0 and both the internal and external NICs.  The ADSL connection is
through Bell Nexxia.

I don't know if this gives you enough information about my setup, but if
you'd like to know more details,  I can draw the network diagram
between the T1 site and the ADSL site.

Thank you for your help.

Mike


On Thu, 9 Nov 2000, Julian Elischer wrote:

> how are the T1 lines connected?
> more details on the pppoe connection might be good too..
> do you used the netgraph pppoe or the user-land pppoe front-end?
> 
> ppp over pppoe uses a slightly reduced MTU
> that may have something to do with it, but I doubt it..
> 
> have you tried ipsec over ppp  with a dialup connection (if you have
> one)?
> maybe it's the ppp program having an argument with ipsec?
> (One for Brian really..)
> (I presume the pppoe connection is otherwise working ok)..
> 
> 
> -- 
>       __--_|\  Julian Elischer
>      /       \ julian@elischer.org
>     (   OZ    ) World tour 2000
> ---> X_.---._/  presently in:  Budapest
>             v
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message