Re: gif tunnels?
On Fri, 21 Feb 2003, Krassimir Slavchev wrote: Hello All, I have: Private Net 1 Firewall 1Firewall 2 Private Net 2 --- --- | 10.1.0.0/24 || FBSD 4.7 |--//--| FBSD 4.7 || 10.2.0.0/24 | --- --- |__tunnel__| I want to configure tunnel between Private Net 1 and Private Net 2 and can not get tunnel to work when Public IP of Firewall 1 and Firewall 2 are from same subnet. If public IPs of my firewalls are from different subnets all works fine. On Firewall 1 I do: # ifconfig gif0 create # gifconfig gif0 x.y.z.1 x.y.z.2 # ifconfig gif0 inet 10.255.255.1 10.255.255.2 netmask 255.255.255.252 # route add -net 10.2.0.0/24 10.255.255.2 On Firewall 2 I do: # ifconfig gif0 create # gifconfig gif0 x.y.z.2 x.y.z.1 # ifconfig gif0 inet 10.255.255.2 10.255.255.1 netmask 255.255.255.252 # route add -net 10.1.0.0/24 10.255.255.1 Is there any way to get this to work? Your concept is right, I think your syntax is wrong. I use this sytnax: # ifconfig gif0 create # gifconfig gif0 tunnel x.y.z.1 x.y.z.2 # ifconfig gif0 10.255.255.1 10.255.255.2 netmask 255.255.255.252 # route add -net 10.2.0.0/24 10.255.255.2 Pay close attention to the tunnel keyword on line 2 above. Also, make sure gateway_enable=YES is in /etc/rc.conf. Nick Rogness [EMAIL PROTECTED] - How many people here have telekenetic powers? Raise my hand. -Emo Philips To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
RE: gif tunnels?
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Krassimir Slavchev Sent: Friday, February 21, 2003 12:21 AM To: [EMAIL PROTECTED] Subject: gif tunnels? Hello All, I have: Private Net 1 Firewall 1Firewall 2 Private Net 2 --- --- | 10.1.0.0/24 || FBSD 4.7 |--//--| FBSD 4.7 || 10.2.0.0/24 | --- --- |__tunnel__| I want to configure tunnel between Private Net 1 and Private Net 2 and can not get tunnel to work when Public IP of Firewall 1 and Firewall 2 are from same subnet. If public IPs of my firewalls are from different subnets all works fine. On Firewall 1 I do: # ifconfig gif0 create # gifconfig gif0 x.y.z.1 x.y.z.2 # ifconfig gif0 inet 10.255.255.1 10.255.255.2 netmask 255.255.255.252 # route add -net 10.2.0.0/24 10.255.255.2 On Firewall 2 I do: # ifconfig gif0 create # gifconfig gif0 x.y.z.2 x.y.z.1 # ifconfig gif0 inet 10.255.255.2 10.255.255.1 netmask 255.255.255.252 # route add -net 10.1.0.0/24 10.255.255.1 Is there any way to get this to work? You may want to check out http://www.nullplusone.com/vpn .It describes a slightly different situation. Here there is a link from the 192.168.0.0/24 to 10.1.1.0/24. Thanks in advance Hope this site is some help To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
Re: gif tunnels?
I have a similar configuration, what are your internal router/firewall ip's? From your diagram, I would think something like 10.1.0.1 and 10.2.0.1 ?? so where you have: # ifconfig gif0 inet 10.255.255.1 10.255.255.2 netmask 255.255.255.252 My config would have: # ifconfig gif0 10.1.0.1 10.2.0.1 netmask 0x Hope that helps, I run VPN tunnels to two separate boxes with similar configurations, forming kinda of a triangle VPN if you will. David Aaron Burke wrote: -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Krassimir Slavchev Sent: Friday, February 21, 2003 12:21 AM To: [EMAIL PROTECTED] Subject: gif tunnels? Hello All, I have: Private Net 1 Firewall 1Firewall 2 Private Net 2 --- --- | 10.1.0.0/24 || FBSD 4.7 |--//--| FBSD 4.7 || 10.2.0.0/24 | --- --- |__tunnel__| I want to configure tunnel between Private Net 1 and Private Net 2 and can not get tunnel to work when Public IP of Firewall 1 and Firewall 2 are from same subnet. If public IPs of my firewalls are from different subnets all works fine. On Firewall 1 I do: # ifconfig gif0 create # gifconfig gif0 x.y.z.1 x.y.z.2 # ifconfig gif0 inet 10.255.255.1 10.255.255.2 netmask 255.255.255.252 # route add -net 10.2.0.0/24 10.255.255.2 On Firewall 2 I do: # ifconfig gif0 create # gifconfig gif0 x.y.z.2 x.y.z.1 # ifconfig gif0 inet 10.255.255.2 10.255.255.1 netmask 255.255.255.252 # route add -net 10.1.0.0/24 10.255.255.1 Is there any way to get this to work? You may want to check out http://www.nullplusone.com/vpn .It describes a slightly different situation. Here there is a link from the 192.168.0.0/24 to 10.1.1.0/24. Thanks in advance Hope this site is some help To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message -- David Cramblett To Unsubscribe: send mail to [EMAIL PROTECTED] with unsubscribe freebsd-questions in the body of the message
