On 23/11/05, Kor Boerema <[EMAIL PROTECTED]> wrote:
> Ok,
>
> I'm glad that it's possible, I just don't know how to put it all
> together yet.
>
> So I would have to create 2 gif tunnels at each branch office. One going
> over the leased lines and the other over internet.
>
> Over these GIF tunnels I would run ipsec to encrypt the data?
>
> Could you give some more information how to set this up? Just a
> overview.
>
> It's all a bit overwhelming to be honest.
>
1. You create the gif tunnels (firewall-firewall)
2. you encrypt the gif tunnels (firewall-firewall traffic, or leave
this for last)
3. You integrate it with your current routing setup and just treat the tunnels
as another leased line. Without knowing how your network routing is setup
it's hard to be more specific on this part.
Read the man page for gif and ifconfig and do a bit of trial and error.
The feeling of the head spinning will go away pretty quickly and you will
have a solution you feel confident with. If you don't get that feeling
don't use it.
This works the same with or without IPsec.
The gif setup is one ifconfig command on each end, I doubt you'll need help
with that.man page, tcpdump, trial/error.
/Tony
--
Tony Sarendal - [EMAIL PROTECTED]
IP/Unix
-= The scorpion replied,
"I couldn't help it, it's my nature" =-
