We have a tunnel with pre-shared keys between one office and another. Data flows back and forth fine. (We create static routes on the machines that talk back and forth over this tunnel.)
Running OpenBSD 3.2 -stable.

Looking back over my logs, it seems that I get a lot of these error messages:

    gif_output: recursively called too many times

We have the following configs:

bridgename.bridge0: (This is our transparent bridge for firewall)

    add xl0
    add xl1
    up

bridgename.bridge1:

    add gif1
    add xl2
    up
    !ifconfig gif1 giftunnel 12.5.18.227 63.141.18.155
    !ifconfig gif1 up
    !ifconfig enc0 up
    !/sbin/ipsecadm new esp -src 12.5.18.227 -dst 63.141.18.155 -forcetunnel -spi 1000 -enc 3des -auth sha1 -keyfile /etc/vpn/enc_key -authkeyfile /etc/vpn/auth_key
    !/sbin/ipsecadm new esp -src 63.141.18.155 -dst 12.5.18.227 -forcetunnel -spi 1001 -enc 3des -auth sha1 -keyfile /etc/vpn/enc_key -authkeyfile /etc/vpn/auth_key
    !ipsecadm flow -out -require -proto esp -src 12.5.18.227 -dst 63.141.18.155 -addr 12.5.16.112/28 63.141.18.128/26
    !ipsecadm flow -in -require -proto esp -src 12.5.18.227 -dst 63.141.18.155 -addr 63.141.18.128/26 12.5.16.112/28

Our PF.conf does have the appropriate holes opened for the tunnel as well (all filtering done on $ext interface):

    pass in quick on $ext from $VPNB to $VPNA
    pass out quick on $ext from $VPNA to $VPNB
    pass in quick on enc0 from any to any
    pass out quick on enc0 from any to any
    pass in quick on bridge1 from any to any
    pass out quick on bridge1 from any to any
    pass in quick on gif1 from any to any
    pass out quick on gif1 from any to any

Any clues that can help me... tried googling for answers but didn't find any.

--David Chubb
Support Technician
=======================
Virpack Inc.
1715 Pratt Drive
Suite 3600
Blacksburg, VA 24060
Phone: 540-961-9160
Cell: 540-449-3308
E-mail: [EMAIL PROTECTED]
=======================
