From owner-freebsd-questions@FreeBSD.ORG Fri Dec 5 14:01:57 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E4F3416A4CE for ; Fri, 5 Dec 2003 14:01:57 -0800 (PST) Received: from callcds.com (ip-66-179-9-107.name-host.com [66.179.9.107]) by mx1.FreeBSD.org (Postfix) with ESMTP id 573D143FE9 for ; Fri, 5 Dec 2003 14:01:54 -0800 (PST) (envelope-from tomt@callcds.com) Date: Fri, 5 Dec 2003 11:50:44 -0500 Message-Id: <200312051150.AA775094352@callcds.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii From: "Tom Thompson" To: Tom Thompson , Matthew Faircliff X-Mailer: cc: questions@freebsd.org Subject: Re: IPSEC Tunnel Routing question X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: tomt@callcds.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Dec 2003 22:01:58 -0000 Thanks for the reply! I have tried what you recommended and basically nothing can talk over the vpn tunnels unless it is addressed on Building A or Building B's network. I have a router with an internet connection sitting at Building A and I set the defaultrouter in Building B to be the router address. I can ping the router but the traffic will not even go thru the vpn and I get ping saying the network is down. I can post configs if you think it will help Thanks Tom ---------- Original Message ---------------------------------- From: Matthew Faircliff Date: Fri, 5 Dec 2003 11:23:33 +0000 >Hello Tom, > >So I assume by working you mean that the two computers can ping one >another? > >If so, simply set the computer in Builing B to have a default route to >the IP of the computer in Building A: > >[Building B]# route add default 10.0.0.1 > >Where 10.0.0.1 is the IP of the computer in Building A. Also, ensure >that any firewall in A allows traffic from Building B to flow in and >out router etc. > >HTH. > >Matthew Faircliff > >On Thu, Dec 04, 2003 at 06:50:08PM -0500, Tom Thompson wrote: >Date: Thu, 4 Dec 2003 18:50:08 -0500 >From: "Tom Thompson" >To: >X-Mailer: >Subject: IPSEC Tunnel Routing question > >I would like to route all traffic over a gif/ipsec tunnel > >I have the following situation >Existing internet connection in building A >Building to building wireless(between building A and Building B) > >To secure the traffic going across the wireless I would like to run an >ipsec tunnel between freebsd 5.1 based machines sitting at Building A >and Building B. I have the tunnels up and running but I am experiencing >a problem with routing. Building B does not have an internet connection >so it needs to use the internet connection at Building A. > >To lay it out in more details >Router at building A connections to the internet >FreeBSD 5.1 machine at Building A connects to router and to wireless bridges >FreeBSD 5.1 machine at Building B connects to Wireless bridges and internal network > >What do I need to do you get traffic to flow from Building B to >Building A and out A's internet connection? > >I have tried setting building B defaultrouter to building A internal address(other side of GIF tunnel) > >Thanks >Tom >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >