Hi, do SiteB and SiteC have OpenBSD firewalls? The VPN is firewall to firewall; the management of the network is only route add xxx xx

2012/12/14 Henry Stilmack <h.stilm...@jach.hawaii.edu>
> Running OpenBSD 4.5 (I know, I should upgrade it), with isakmpd and ipsec.
>
> Here's what I want to do:
>
>          |----------|==================SiteB)
> SiteA ---| Firewall |   VPN Tunnels         )---multiple subnets
>          |----------|==================SiteC)
>
> In words:
>
> I have a site in the US with an OpenBSD 4.5 firewall. It has one
> connection to the Internet via a University LAN. We have set up IPsec
> tunnels to 2 UK sites, which each act as VPN gateways to multiple
> subnets. We want to have failover between the tunnels, but we want the
> primary routes for the subnets to be configured through the "closest"
> gateway.
>
> I've seen lots of discussion on how to do failover if you have multiple
> external connections, but basically we are trying to set up failover if
> one of the remote endpoints goes down, and to route the subnets on the
> remote end dynamically.
>
> Is this even possible?
>
> --
> Henry Stilmack <h.stilm...@jach.hawaii.edu>     Systems Administrator
> UK/Canada/Netherlands Joint Astronomy Centre    Tel: +1 808-969-6530
> 660 N. A'ohoku Place, Hilo, HI 96720            Fax: +1 808-961-6516
> GPG key: ID=70E73E16 Signature=133F14E79A8AE9858F38 3BA8BF2D914A70E73E16