Hi, I have hub-and-spoke wan topology which consists of cisco routers. I'd like to replace one of spokes with OpenBSD, and - if everything goes well - other spokes as well. There is no possibility of changing hub router at this stage.
Hub router is configured with "virtual tunnel interfaces with ip security" - flows are not specified by access lists, all traffic flowing through tunnel is protected: interface Tunnel102 description BRANCHOFFICE01 bandwidth 10000 ip address 10.80.0.1 255.255.255.252 qos pre-classify tunnel source FastEthernet0/0/0 tunnel mode ipsec ipv4 tunnel destination 192.168.112.6 tunnel protection ipsec profile IPSECPROFILE What would be matching ipsec configuration on OpenBSD spoke router? Thank you in advance, -- Before enlightenment - chop wood, draw water. After enlightenment - chop wood, draw water. Marko Cupać https://www.mimar.rs/
