I have a similar configuration, what are your internal router/firewall ip's?

From your diagram, I would think something like 10.1.0.1 and 10.2.0.1 ??

so where you have:

# ifconfig gif0 inet 10.255.255.1 10.255.255.2 netmask 255.255.255.252

My config would have:

# ifconfig gif0 10.1.0.1 10.2.0.1 netmask 0xffffffff

Hope that helps, I run VPN tunnels to two separate boxes with similar configurations, forming kinda of a triangle VPN if you will.

David

Aaron Burke wrote:
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of
Krassimir Slavchev
Sent: Friday, February 21, 2003 12:21 AM
To: [EMAIL PROTECTED]
Subject: gif tunnels?


Hello All,

I have:

Private Net 1      Firewall 1        Firewall 2      Private Net 2
---------------    ------------      ------------    ---------------
| 10.1.0.0/24 |----| FBSD 4.7 |--//--| FBSD 4.7 |----| 10.2.0.0/24 |
---------------    ------------      ------------    ---------------
                       |______tunnel______|

I want to configure tunnel between "Private Net 1" and "Private Net 2"
and
can not get tunnel to work when Public IP of "Firewall 1" and "Firewall
2" are
from same subnet. If public IPs of my firewalls are from different
subnets all works fine.

On "Firewall 1" I do:
# ifconfig gif0 create
# gifconfig gif0 x.y.z.1 x.y.z.2
# ifconfig gif0 inet 10.255.255.1 10.255.255.2 netmask 255.255.255.252
# route add -net 10.2.0.0/24 10.255.255.2

On "Firewall 2" I do:
# ifconfig gif0 create
# gifconfig gif0 x.y.z.2 x.y.z.1
# ifconfig gif0 inet 10.255.255.2 10.255.255.1 netmask 255.255.255.252
# route add -net 10.1.0.0/24 10.255.255.1

Is there any way to get this to work?

You may want to check out http://www.nullplusone.com/vpn .It describes
a slightly different situation. Here there is a link from the 192.168.0.0/24
to 10.1.1.0/24.


Thanks in advance
Hope this site is some help



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message
--
David Cramblett



To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to