I have few questions regarding the Dynamic Rouitng (i.e. routed) and gif0 interface.
I go through the following documents:
http://www.freebsd.org/handbook/ipsec.html http://asherah.dyndns.org/~josh/ipsec-howto.txt
and follow the following steps:
1. Configure the gif0 interface using the www.freebsd.org/handbook/ipsec.html diagram as reference, it work fine (tested by ping)
2. Configure IPSec in Transport mode (since I am interested in forwarding dynamic routing information over point-2-point VPN) using draft-touch-ipsec- vpn approach, i.e: IPSec policy
spdadd A.B.C.D W.X.Y.Z any -P out ipsec esp/transport//use;
spdadd W.X.Y.Z A.B.C.D any -P in ipsec esp/transport//use;
It works fine (ping test).
3. Now I start "routed" with "-s" options, It never saw any routing information flow through the VPN (tcpdump).
4. So, I disabled the IPSec and try again but I still saw no routing information over VPN (tcpdump).
5. So, I disabled the gif0 interface as well, I saw the RIP packets exchanges between two freeBSD machine.
Summary: 1. routed works fine without gif0 interface. 2. VPN works fine without routed.
Question:
Now my questions are
1. There is any in-compatibility (or known bug) between routed and gif0 interface (I am using freeBSD 4.8 Release).
2. Is there any freeBSD document which describe how to configure gif0 and routed together.
Thanks, Amin
_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus&pgmarket=en-ca&RU=http%3a%2f%2fjoin.msn.com%2f%3fpage%3dmisc%2fspecialoffers%26pgmarket%3den-ca
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
