Re: Gif IPTunnel networkA-to-networkB not work

From: hilman firmansyah (hilman_at_nap.net.id)
Date: 08/28/03

  • Next message: Daniel C. Sobral: "Re: subnetting C class into /26 /25 /26, why can this be done?" 
    To: <freebsd-net@freebsd.org>
Date: Thu, 28 Aug 2003 11:00:24 +0700

    Hi,

    I found the problem in : sysctl -w net.inet.ip.forwarding=1
    After i fix the problem the routes works fine. But then I know the VPN
    solutions is not the answer for the questions since lately I know that in
    real fact the 2 networks I try to connected is a Collide network !

    The clients in A side and the servers in B side. A and B is different office
    in one city, connected via fiber optic in vlan1 ( cant move to other vlan )
    that used by many corporate office in same time.

      [ Client ] -----[ fbsd A ]---------------------[ fbsd B]-------[
    Server ]-------- Intrnet

    10.0.0.0 |____ fiberoptic__________|
    10.0.0.1

    Is there any solutions with freebsd to make a Possible to encrypt the packet
    from fbsd A to fbsd B in transparent / bridging mode , So not internal data
    visible to other company network in same fiberoptic.

    regards,

    nb: I m still trying with IPSEC to make possible but the literatures always
    said the vpn working on different internal networks subnets

    ------------------------snip --------------------------------------------
    > > It is not a good idea to use gifs in parallel with IPsec tunnel mode.,
    > > to do this routing trick.
    >
    > Fully agreed. The point is that a lot of documents on the web advise
    > to set up a gif tunnel in order to set up a IPSec tunnel. Which
    > is essentially nonsense. Apparently the original poster fell into the
    > same trap. Hence my clarification.
    >
    > Helge
    ----------------------------snip -------------------------------------------
    -

    _______________________________________________
    freebsd-net@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-net
    To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

  • Next message: Daniel C. Sobral: "Re: subnetting C class into /26 /25 /26, why can this be done?"

    Relevant Pages

    • Re: Dell AximX3i Wireless PAN/LAN
      ... I'm using an Axim X3i and running WiNC on it; ... networks; pending you have the SSID off hand... ... The VPN included with Windows ... Symbol CF wireless card. ...
      (microsoft.public.pocketpc.wireless)
    • RE: [fw-wiz] Worms, Air Gaps and Responsibility
      ... Internet (albeit over VPN tunnels). ... Since a lot of networks span multiple sites, ...
      (Firewall-Wizards)
    • Re: IPsec performance just 55% of WAN bandwidth
      ... :my link for VPN throughput. ... Cisco's PIX. ... if you have MTU Path Detection functional [which you ... would have much less of an effect if AH is off in IPSec tunnel mode. ...
      (comp.security.misc)
    • Re: IPsec performance just 55% of WAN bandwidth
      ... :my link for VPN throughput. ... Cisco's PIX. ... if you have MTU Path Detection functional [which you ... would have much less of an effect if AH is off in IPSec tunnel mode. ...
      (comp.security.firewalls)
    • Re: [SLE] Is a VPN the right thing to use here?
      ... > Due to current circumstances, I have two separate networks, L and R, on ... For this a VPN is the best solution, IMO, and some might go so far as to ... including the two routers, as if they were working under "normal" ... The temporary router has two functions. ...
      (SuSE)