Eric Masson: >I'm experimenting dynamic routing protocols in a vpn setup. Ipsec tunnel >mode is not applicable here as selectors do not appear in system routing >table.
I think the problem is that you need multicasts to exchange routing updates through the tunnel. If I am not mistaken that is supported with gif interfaces as well. Maybe you could do away with gif? >On destination box, tcpdump shows incoming ipsec gre transformed >packets, but these packets don't make their way to internal interface, >and are silently dropped (no log anywhere) This is odd. Do you have a chance to test this against another IPSec box, e.g. a Cisco router configured with a GRE Tunnel interface? Helge _______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-net To unsubscribe, send any mail to "[EMAIL PROTECTED]"
