> On 19 Nov 2024, at 12:07, Tom Smyth <tom.sm...@wirelessconnect.eu> wrote:
>
> Folks
> did anyone have success using sec(4) interfaces on Site to Site VPNs
> between OpenBSD and Fortinet ? I want to route via the sec interface
> rather than specify static policies in iked.conf
no experience, sorry. if you've ever configured a policy based vpn between
openbsd and a fortinet, then it should be straightforward.
> or should I be using gre(4) gif(4) or some other tunnel device to
> bring up an interface which I can put an ip address on and route over
> ,
>
> any pointers would be really appreciated
gre over ipsec is much more likely to work than gif. i'd argue sec would be
easier because you don't need to know the ips for the tunnel endpoints like you
do for gre (and gif).
cheers,
dlg
>
> thanks
>
> Tom Smyth
>
>
> --
> Kindest regards,
> Tom Smyth.
>
