On 2009-05-31, Stuart Henderson wrote:
>> Uhm. The tunnel endpoints and the gre src and dest IPs are the same. I
>> have a bad feeling about that.
>
> ahh, changing that gets me a lot further, thanks. gre's nasty hack
> to toggle the address's LSB isn't quite enough then; not a problem.
>
>> Addit
On 2009-05-31, Claudio Jeker wrote:
> On Sun, May 31, 2009 at 01:13:25PM +, Stuart Henderson wrote:
>> On 2009-05-31, Stuart Henderson wrote:
>> > On 2009-05-29, Stuart Henderson wrote:
>> >>
>> >> OSPF over gre's or gif's (which can then themselves be protected by
>> >> ipsec) is probably t
On Sun, May 31, 2009 at 01:13:25PM +, Stuart Henderson wrote:
> On 2009-05-31, Stuart Henderson wrote:
> > On 2009-05-29, Stuart Henderson wrote:
> >>
> >> OSPF over gre's or gif's (which can then themselves be protected by
> >> ipsec) is probably the fastest option at present on OpenBSD.
> >
On 2009-05-31, Stuart Henderson wrote:
> On 2009-05-29, Stuart Henderson wrote:
>>
>> OSPF over gre's or gif's (which can then themselves be protected by
>> ipsec) is probably the fastest option at present on OpenBSD.
>
> Hrmm. And then I try it...
>
> Does anyone actually have this working and i
On 2009-05-29, Stuart Henderson wrote:
>
> OSPF over gre's or gif's (which can then themselves be protected by
> ipsec) is probably the fastest option at present on OpenBSD.
Hrmm. And then I try it...
Does anyone actually have this working and if so would they mind
sharing config? I'm seeing the
James Mackinnon wrote on Friday, May 29, 2009 6:25 PM
> Hi All
>
> Thanks for your feedback.
>
> The guy regarding the cisco is a CCIE so I tend to accept his
> statements
> quick enough..
>
> In VPN, I am referencing it in general terms in the creation of a
> private
> network over a public net
In cisco speak, with pretty pictures:
http://www.cisco.com/en/US/tech/tk583/tk372/technologies_configuration_example09186a00800a43f6.shtml
On OpenBSD, it works analoguously, except that it's much cleaner :)
Just think of the ipsec secured gre tunnel as a wire from point A to B.
Make two such wire
ver to the second IP.
fun little project, very small to almost nil budget is the challange.
Cheers
James
- Original Message -
From: "Stuart Henderson"
To:
Sent: Friday, May 29, 2009 7:37 PM
Subject: Re: multilink VPN
On 2009-05-29, Toni Mueller wrote:
On Wed, 27.05.20
On 2009-05-29, Toni Mueller wrote:
> On Wed, 27.05.2009 at 22:07:25 -0300, James Mackinnon
> wrote:
>> I need to setup redundant VPN's between these locations without the use of
>> BGP.
>
>> I have used sasync in the past, pfsync etc however, I have not tried to setup
>> a VPN where 2 ISPs are u
Internet, between your sites?
FWIW, I've configured semi-"multilink" VPN in the past (before the
"CARP age"), with this kind of setup:
LAN1 --- FW{1,2} --- Internet --- FW{3,4} --- LAN2
with
LAN1, FW1, FW2: my end
FW3, FW4, LAN2: other end (not accessible to me)
Man
Hi All
Here is my situation and I am hoping for a little guidance on this one
I have 2 locations, both with 2 fiber internet connections
I need to setup redundant VPN's between these locations without the use of
BGP.
So, my setup would be something like this
Location A
Firewall 1
Connection t
11 matches
Mail list logo
