Re: [pfSense] GRE between 2 pfsense boxes

2015-03-31 Thread Abid khan 
Srill stuck on the GRE interface configuratuons. Is there any log for GRE which i can monitor to see where the issue is ?


Sent from my VEGA Original Message Subject: Re: [pfSense] GRE between 2 pfsense boxesFrom: Abid khan Date: Tue, 2015-03-31 08:30To: pfSense Support and Discussion Mailing List CC: Update:
I have set up the appropriate rules for iskamp gre and esp, however got stuck on GRE interface. 

I have defind remote and local gre addresses as my lan IPs but doesnt seem like i can pass any traffic thru the wans.

any pointers please?

thanks

Sent from my VEGA Original Message Subject: Re: [pfSense] GRE between 2 pfsense boxesFrom: Abid khan Date: Mon, 2015-03-30 21:22To: pfSense Support and Discussion Mailing List CC: GRE tunnels will not just between 2 pfsense units but also my juniper and cisco sites as well..which is the main reason why i dont want to start off with openvpn.



Sent from my VEGA Original Message Subject: Re: [pfSense] GRE between 2 pfsense boxesFrom: Adam Thompson Date: Mon, 2015-03-30 19:40To: pfSense Support and Discussion Mailing List ,Kevin Tollison CC: Performance and flexibility.  OpenVPN is good at getting unicast IP traffic from A to B, but it's difficult to, say, run OSPF over it.  It also need ridiculous amounts of CPU time to encrypt, especially painful in situations that don't need encryption.
So, yeah, there are a LOT of use cases where GRE is the better choice.
-AdamOn March 30, 2015 6:20:26 AM CDT, Kevin Tollison  wrote:
Would OpenVPN not be a better solution? 
Any constraints limiting you to GRE? 
On Mon, Mar 30, 2015, 6:09 AM Abid khan  wrote:Hi,

I am trying to implement a GRE tunnel over 2 publc WAN addresses, unfortunalty i cannot find a guide /howto- for the same.

can someone please point me to a guide which i can replicate. thanks

rgds
Abid


Sent from my VEGA___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
pfSense mailing listhttps://lists.pfsense.org/mailman/listinfo/listSupport the project with Gold! https://pfsense.org/gold
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] GRE between 2 pfsense boxes

2015-03-30 Thread Chris Buechler 
On Mon, Mar 30, 2015 at 6:40 AM, Adam Thompson  wrote:
> OpenVPN is good at getting unicast IP traffic from A to B, but it's difficult 
> to, say, run OSPF over it.

There are reasons, but that's not one of them. Lots of people run OSPF
over OpenVPN.
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] GRE between 2 pfsense boxes

2015-03-30 Thread Abid khan 
Update:
I have set up the appropriate rules for iskamp gre and esp, however got stuck on GRE interface. 

I have defind remote and local gre addresses as my lan IPs but doesnt seem like i can pass any traffic thru the wans.

any pointers please?

thanks

Sent from my VEGA Original Message Subject: Re: [pfSense] GRE between 2 pfsense boxesFrom: Abid khan Date: Mon, 2015-03-30 21:22To: pfSense Support and Discussion Mailing List CC: GRE tunnels will not just between 2 pfsense units but also my juniper and cisco sites as well..which is the main reason why i dont want to start off with openvpn.



Sent from my VEGA Original Message Subject: Re: [pfSense] GRE between 2 pfsense boxesFrom: Adam Thompson Date: Mon, 2015-03-30 19:40To: pfSense Support and Discussion Mailing List ,Kevin Tollison CC: Performance and flexibility.  OpenVPN is good at getting unicast IP traffic from A to B, but it's difficult to, say, run OSPF over it.  It also need ridiculous amounts of CPU time to encrypt, especially painful in situations that don't need encryption.
So, yeah, there are a LOT of use cases where GRE is the better choice.
-AdamOn March 30, 2015 6:20:26 AM CDT, Kevin Tollison  wrote:
Would OpenVPN not be a better solution? 
Any constraints limiting you to GRE? 
On Mon, Mar 30, 2015, 6:09 AM Abid khan  wrote:Hi,

I am trying to implement a GRE tunnel over 2 publc WAN addresses, unfortunalty i cannot find a guide /howto- for the same.

can someone please point me to a guide which i can replicate. thanks

rgds
Abid


Sent from my VEGA___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
pfSense mailing listhttps://lists.pfsense.org/mailman/listinfo/listSupport the project with Gold! https://pfsense.org/gold
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] GRE between 2 pfsense boxes

2015-03-30 Thread Abid khan 
GRE tunnels will not just between 2 pfsense units but also my juniper and cisco sites as well..which is the main reason why i dont want to start off with openvpn.



Sent from my VEGA Original Message Subject: Re: [pfSense] GRE between 2 pfsense boxesFrom: Adam Thompson Date: Mon, 2015-03-30 19:40To: pfSense Support and Discussion Mailing List ,Kevin Tollison CC: Performance and flexibility.  OpenVPN is good at getting unicast IP traffic from A to B, but it's difficult to, say, run OSPF over it.  It also need ridiculous amounts of CPU time to encrypt, especially painful in situations that don't need encryption.
So, yeah, there are a LOT of use cases where GRE is the better choice.
-AdamOn March 30, 2015 6:20:26 AM CDT, Kevin Tollison  wrote:
Would OpenVPN not be a better solution? 
Any constraints limiting you to GRE? 
On Mon, Mar 30, 2015, 6:09 AM Abid khan  wrote:Hi,

I am trying to implement a GRE tunnel over 2 publc WAN addresses, unfortunalty i cannot find a guide /howto- for the same.

can someone please point me to a guide which i can replicate. thanks

rgds
Abid


Sent from my VEGA___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold
pfSense mailing listhttps://lists.pfsense.org/mailman/listinfo/listSupport the project with Gold! https://pfsense.org/gold
-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] GRE between 2 pfsense boxes

2015-03-30 Thread Adam Thompson 
Performance and flexibility.  OpenVPN is good at getting unicast IP traffic 
from A to B, but it's difficult to, say, run OSPF over it.  It also need 
ridiculous amounts of CPU time to encrypt, especially painful in situations 
that don't need encryption.
So, yeah, there are a LOT of use cases where GRE is the better choice.
-Adam

On March 30, 2015 6:20:26 AM CDT, Kevin Tollison  wrote:
>Would OpenVPN not be a better solution?
>
>Any constraints limiting you to GRE?
>
>On Mon, Mar 30, 2015, 6:09 AM Abid khan  wrote:
>
>> Hi,
>>
>> I am trying to implement a GRE tunnel over 2 publc WAN addresses,
>> unfortunalty i cannot find a guide /howto- for the same.
>>
>> can someone please point me to a guide which i can replicate. thanks
>>
>> rgds
>> Abid
>>
>>
>> Sent from my VEGA___
>> pfSense mailing list
>> https://lists.pfsense.org/mailman/listinfo/list
>> Support the project with Gold! https://pfsense.org/gold
>
>
>
>
>___
>pfSense mailing list
>https://lists.pfsense.org/mailman/listinfo/list
>Support the project with Gold! https://pfsense.org/gold

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

Re: [pfSense] GRE between 2 pfsense boxes

2015-03-30 Thread Kevin Tollison 
Would OpenVPN not be a better solution?

Any constraints limiting you to GRE?

On Mon, Mar 30, 2015, 6:09 AM Abid khan  wrote:

> Hi,
>
> I am trying to implement a GRE tunnel over 2 publc WAN addresses,
> unfortunalty i cannot find a guide /howto- for the same.
>
> can someone please point me to a guide which i can replicate. thanks
>
> rgds
> Abid
>
>
> Sent from my VEGA___
> pfSense mailing list
> https://lists.pfsense.org/mailman/listinfo/list
> Support the project with Gold! https://pfsense.org/gold
___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold

[pfSense] GRE between 2 pfsense boxes

2015-03-30 Thread Abid khan 
Hi,

I am trying to implement a GRE tunnel over 2 publc WAN addresses, unfortunalty i cannot find a guide /howto- for the same.

can someone please point me to a guide which i can replicate. thanks

rgds
Abid


Sent from my VEGA___
pfSense mailing list
https://lists.pfsense.org/mailman/listinfo/list
Support the project with Gold! https://pfsense.org/gold