Date: Thu, 03 Jul 2008 21:55:41 -0400
From: Mike Tancsa <mike@sentex.net>
To: zaphod@fsklaw.com, freebsd-net@freebsd.org
Subject: Re: Tunneling issues
Message-ID: <200807040155.m641tl8s000607@lava.sentex.ca>
In-Reply-To: <8f7879db41dbaecc479a017110e8f32f.squirrel@cor>
References: <8f7879db41dbaecc479a017110e8f32f.squirrel@cor>

At 03:15 PM 7/3/2008, zaphod@fsklaw.com wrote:
>I have a real poser, and I can't solve it.
>
>Currently I have an ipsec vpn tunneling 14 servers through a central server.
>
>I would like to restructure this so that each server talks to each other
>directly, rather than passing everything through a single server.
>
>However, on every other machine I cannot get a second tunnel to come up.
>Not a gre or gif tunnel. And yet I have 14 on the central machine.

You would need a lot of policies on each of the boxes (14) but there is no reason it should not work. Do each of the sites have a unique subnet? Do they have static IP addresses?

An easier solution might be to use something like OpenVPN which allows all the boxes to auth and route through a single server, but they can also talk to each other with a single config option.

---Mike