Hello, We have been trying to configure a GRE/IPSEC tunnel between our Fedora 11 firewall (with Shorewall 4.2 and ipsec-tools 0.7.2) and a Cisco firewall.
Please note that the use of GRE is NOT optional in our case. I know some might suggest to use some other type of VPN configuration, but we are interfacing with a Cisco firewall belonging to a coporation in Latin America, so we need to use GRE with IPSEC. First, let me tell you a little about our network. Firstly, the internal subnet of our network is 172.27.12.0/24, and the internal subnet of the remote network (with the Cisco firewall) is 172.16.184.0/21. The most difficult thing I have to understand is the following. This is from the Cisco FW: Interface loopbackX Ip address 10.216.91.168 255.255.255.255 interface TunnelX description TUNEL-GRE ip address 172.16.184.1 255.255.248.0 tunnel source LoopbackX tunnel destination 10.15.25.225 end My question is relatively simple: how to I configure the loopback address 10.15.25.225/32 into Shorewall in order to connect with this Cisco FW? IN order to be able configure Shorewall so that the tunnel source is 10.15.25.225/32 and the tunnel destination is 10.216.91.168/32? So here's the final question: *** How to do configure Shorewall to use looback addresses with GRE as in the above Cisco configuration example? *** Thanks for any assistance you can provide! Many thanks, Jesse L. Zamora ------------------------------------------------------------------------------ Enable your software for Intel(R) Active Management Technology to meet the growing manageability and security demands of your customers. Businesses are taking advantage of Intel(R) vPro (TM) technology - will your software be a part of the solution? Download the Intel(R) Manageability Checker today! http://p.sf.net/sfu/intel-dev2devmar _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
