On Wed, 28 Dec 2005 16:04:04 +0100, "Phil Regnauld" <[EMAIL PROTECTED]> said: > Yes, here using tunnel is indeed odd, it would make more sense > of using IPIP or just GRE in transport mode.
I have often used GRE+IPsecTransport -- this allows routing protocols, link state (if you have GRE keepalives), etc, to function correctly, and I think it is easier to see what is going on than the "transparent" IPsec tunnel approach. Haven't done it with FreeBSD, though. --ckg -- Clark Gaylord Blacksburg, VA USA [EMAIL PROTECTED] _______________________________________________ freebsd-net@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
