From: zaphod@fsklaw.com
To: freebsd-net@freebsd.org
Date: Thu, 3 Jul 2008 12:15:09 -0700 (PDT)
Subject: Tunneling issues

I have a real poser, and I can't solve it. Currently I have an ipsec vpn tunneling 14 servers through a central server.
Like this:

 ________________
|                |
|________________|
        |
        |
 ________________
|                |
|________________|
        |
        |
 ________________
|                |
|________________|

I would like to restructure this so that each server talks to each other directly, rather than passing everything through a single server. However, on every other machine I cannot get a second tunnel to come up. Not a gre or gif tunnel. And yet I have 14 on the central machine.

The central machine is FreeBSD 5.3, the rest are 6.1 or greater. I also fear that I won't be able to update the central server, because I fear not being able to get the tunnels up.

I have been just trying to tunnel. IPSEC isn't the issue as I'm not binding an ipsec policy to the tunnel. I've been googling for days, and can't find anything on this. (Can't find anyone creating more than one tunnel).

Any ideas would be appreciated as I'm totally stumped here.

TIA

Cheers,
Zaphod