hi all. implemented ospf routing between two gre-over-ipsec segments. failover
finally works beautifully. having comms issues where connecting to standard
web services across gre/ipsec seem to timeout, when connecting to tomcat apps
work fine. any clues where i should be looking for the problem
Chris Jones wrote:
Hey all,
I know that it's possible to run GRE over and IPsec tunnel but I am
wondering if anyone here has seen some good documentation (besides the man
pages) or a howto on setting this up. I'm trying to config my OpenBSD
4.0firewall to interop with a route-based VPN network
I may have been mistaken. I just pulled this information from this document
which Gregory Lebovitz from Netscreen co-authored back in 2003. On page 46
he talks about using GRE to create a virtual routing interfaces AKA tunnel
interface. I have configure route-based VPNs between a Netscreen and
This link would probably help ;)
http://www.isi.edu/div7/presentation_files/dynamic_routing.pdf
On 4/8/07, Chris Jones [EMAIL PROTECTED] wrote:
I may have been mistaken. I just pulled this information from this
document which Gregory Lebovitz from Netscreen co-authored back in 2003. On
page
Chris Jones writes:
I may have been mistaken. I just pulled this information from this document
which Gregory Lebovitz from Netscreen co-authored back in 2003.
No FortiGate model supported GRE in 2003, it wasn't added until 2006.
On page 46 he talks about using GRE to create a virtual
On 2007/04/08 14:43, Stephen J. Bevan wrote:
On page 46 he talks about using GRE to create a virtual routing
interfaces AKA tunnel interface. I have configure route-based VPNs
between a Netscreen and FortiGate which interop just fine, which
leads me to believe that they are using the
Stuart Henderson writes:
interesting; if my understanding of this and the RFC that the referenced
'touch' draft was published as (rfc3884), at one end you can configure one
side in *transport* mode carrying ipip encapsulated packets - gif(4) with
net.inet.ipip.allow=1, afaict - and the
Chris Jones writes:
Fortigates and Netscreens both use GRE interaces as
tunnel interfaces when creating route-based VPN tunnels.
FortiGates do not use GRE interface when creating route-based VPN tunnels.
The route-based VPN on a FortiGate creates packets that are identical
to IPsec
Hey all,
I know that it's possible to run GRE over and IPsec tunnel but I am
wondering if anyone here has seen some good documentation (besides the man
pages) or a howto on setting this up. I'm trying to config my OpenBSD
4.0firewall to interop with a route-based VPN network with a mix of
I ran into some kernel panics (watchdog reset) with GRE + ESP/Transport
(or ESP+GRE) back in the day. It was related to MTU assumptions etc.
There was a sendbug(8) related to it. Google seklecki gre ipsec
openbsd
http://archives.neohapsis.com/archives/openbsd/2006-01/0623.html
etc...
On
to use a similar configuration on the OpenBSD side but I am just
wondering how to accomplish this as I am uncertain how to bind the GRE
interface to a tunnel.
Hello Cris,
GRE is standard and works in OpenBSD as RFC says ;-)
When I was running gre over ipsec tunnel between two openbsd boxes
11 matches
Mail list logo