On Mon, Jun 07 2010 at 15:10, [email protected] wrote:
> Hello List,
>
> Have a working OSPF / BGP test setup going between two machines,
> with BGP using the loopback of the other machine as the endpoint.
>
> I now would like to go one step further and implement PF with
> pfsync over IPSec as I don't have any spare ethernet ports.
>
> The problem is that I've tried all sorts of ipsec.conf
> configurations (including various combinations using "local",
> "peer", "srcid", "dstid" parameters) .... however isakmpd always
> sees the incoming connection as originating from the IP address of
> the ethernet interface instead of the loopback.
>
> Has anyone on list had success in getting a VPN going between
> loopbacks?

Aren't you looking for this?
r...@fw ~ # cat /etc/isakmpd/isakmpd.conf
# $Id: isakmpd.conf 44 2009-04-02 16:32:20Z claer $
[General]
DPD-check-interval= 30
Default-phase-1-lifetime= 86400,60:86400
Default-phase-2-lifetime= 28800,60:86400
Listen-on= IP.IP.IP.IP

Claer