From owner-freebsd-net@FreeBSD.ORG Wed Jun 23 09:07:10 2010 Return-Path: Delivered-To: freebsd-net@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id EC5301065675; Wed, 23 Jun 2010 09:07:10 +0000 (UTC) (envelope-from ralf@dzie-ciuch.pl) Received: from mail.ewipo.pl (mail.ewipo.pl [94.23.240.128]) by mx1.freebsd.org (Postfix) with ESMTP id A98098FC29; Wed, 23 Jun 2010 09:07:10 +0000 (UTC) Received: from mail.ewipo.pl (localhost [127.0.0.1]) by mail.ewipo.pl (Postfix) with ESMTP id 2260122910; Wed, 23 Jun 2010 11:07:03 +0200 (CEST) X-Virus-Scanned: amavisd-new at wrealizacji.pl Received: from mail.ewipo.pl ([127.0.0.1]) by mail.ewipo.pl (mail.ewipo.pl [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dNdv8ZHBZ1HG; Wed, 23 Jun 2010 11:07:01 +0200 (CEST) Received: by mail.ewipo.pl (Postfix, from userid 80) id 260BC228F9; Wed, 23 Jun 2010 11:07:01 +0200 (CEST) To: VANHULLEBUS Yvan X-PHP-Script: poczta.wrealizacji.pl/index.php for 89.171.191.50 MIME-Version: 1.0 Date: Wed, 23 Jun 2010 11:07:01 +0200 From: In-Reply-To: <20100623085831.GA74559@zeninc.net> References: <20100622201130.5824d585@gda-arsenic> <20100622182242.GU2620@verio.net> <20100622204107.6c604c17@gda-arsenic> <20100623080555.GB74303@zeninc.net> <5e8d1141ecf3d922c00114e41585a67f@ewipo.pl> <20100623083228.GA74453@zeninc.net> <20100623084519.GA74491@zeninc.net> <20100623085831.GA74559@zeninc.net> Message-ID: <292cf4e1f2be5823aaef46907565f9c6@ewipo.pl> X-Sender: ralf@dzie-ciuch.pl User-Agent: EWIPO Webmail/0.3.1 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 Cc: freebsd-net@freebsd.org Subject: Re: vpn trouble X-BeenThere: freebsd-net@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Networking and TCP/IP with FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 23 Jun 2010 09:07:11 -0000 Hmmm, Maybe I do some error using gateway 10.20.0.1? Maybe I have to set something in route to network 10.10.1.x go throught gif0 interface? Ralf On Wed, 23 Jun 2010 10:58:31 +0200, VANHULLEBUS Yvan wrote: > On Wed, Jun 23, 2010 at 10:52:19AM +0200, ralf@dzie-ciuch.pl wrote: > [....] >> When on one console i type tcpdump -i gif0 I don't receive any values! >> So I thing I should set route do it right? >> >> Can you tell me how to do it? >> >> netstat -rn print something like this: >> Destination Gateway Flags Refs Use Netif >> Expire >> default 78.x.x.x UGS 3 49544466 bce1 >> 10.10.1.90 10.20.0.1 UH 2238 13439 gif0 >> >> Is it ok? or I do something wrong? > > Check with your peer's configuration, but using such extra IP-IP > encapsulation (via gif interfaces on FreeBSD) is NOT the usual way of > setting up IPsec tunnels.... > > > If your peer expects usual IPsec setups, you should just have SPD > entries as specified in your very first mails. > > > Yvan. > _______________________________________________ > freebsd-net@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"