Date: Fri, 17 Mar 2000 14:13:55 -0800 (PST) From: "Eric J. Schwertfeger" <ejs@bfd.com> To: Mike Tancsa <mike@sentex.ca> Cc: questions@FreeBSD.ORG Subject: Re: ipsec, gif tunneling etc... Message-ID: <Pine.BSF.4.10.10003171357010.56481-100000@harlie.bfd.com> In-Reply-To: <3.0.5.32.20000317164753.00bcda60@marble.sentex.ca>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 17 Mar 2000, Mike Tancsa wrote: > > Apart from the KAME page, and the ipsec man page, and the > /usr/share/examples/IPv6 docs, does anyone have any other handy dandy > documentation ? > > I am trying to setup an IPv4 ipsec tunnel between two hosts and am not > having much luck :-( > > On machine A, I have lets say 172.1.1.1 and on machine B 10.10.10.1, > assigned to the ethernet adaptors on the respective machines. Its not > clear to me when its stated > > Use "gifconfig" to assign physical (outer) source and destination address > to gif interfaces." > > Any pointers (additional references) would be much appricated. Actually, they warn against using gif devices to tunnel IPv4 over IPv4. The normal method to tunnel that way is with tunnel-mode ESP, which is just a matter of setting up the various rules using the setkey command. I'd recommend searching the KAME mail archives. My knowledge is a little out of date, and I think they changed the way you set up SPD's since the last time I worked with KAME. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10003171357010.56481-100000>