> On 19 Nov 2024, at 12:07, Tom Smyth <tom.sm...@wirelessconnect.eu> wrote:
> 
> Folks
> did  anyone have success using sec(4) interfaces on Site to Site VPNs
> between OpenBSD and Fortinet ? I want to route via the sec interface
> rather than specify static policies in iked.conf

no experience, sorry. if you've ever configured a policy based vpn between 
openbsd and a fortinet, then it should be straightforward.

> or should I be using gre(4) gif(4) or some other tunnel device to
> bring up an interface which I can put an ip address on and route over
> ,
> 
> any pointers would be really appreciated

gre over ipsec is much more likely to work than gif. i'd argue sec would be 
easier because you don't need to know the ips for the tunnel endpoints like you 
do for gre (and gif).

cheers,
dlg

> 
> thanks
> 
> Tom Smyth
> 
> 
> -- 
> Kindest regards,
> Tom Smyth.
> 

Reply via email to