Re: Tunneling issues
- From: zaphod@xxxxxxxxxx
- Date: Wed, 9 Jul 2008 08:21:06 -0700 (PDT)
At 03:15 PM 7/3/2008, zaphod@xxxxxxxxxx wrote:
I have a real poser, and I can't solve it.
Currently I have an ipsec vpn tunneling 14 servers through a central
server.
I would like to restructure this so that each server talks to each other
directly, rather than passing everything through a single server.
However, on every other machine I cannot get a second tunnel to come up.
Not a gre or gif tunnel. And yet I have 14 on the central machine.
You would need a lot of policies on each of the boxes (14) but there
is no reason it should not work. Do each of the sites have a unique
subnet? Do they have static IP addresses?
An easier solution might be to use something like OpenVPN which
allows all the boxes to auth and route through a single server, but
they can also talk to each other with a single config option.
---Mike
Mike, thanks for the response.
I agree it should work. But it's not. With respect to the next two
questions, yes and yes.
I'm not a huge fan of OpenVPN, but the bigger issue is that the gif
tunnels come up at boot up. As well as routes. Given the client server
nature of OpenVPN it is suitable, because if a server reboots, I'm not
certain a client would auto re-connect. But I have done no testing. And
if I can't resolve this I may have to.
Cheers,
Zaphod
_______________________________________________
freebsd-net@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@xxxxxxxxxxx"