On 2007/02/24 10:17, Chris Jones wrote: > which simplifies management substantially. For those that are not > familiar with route-based VPNs - they are essentially point-to-point > IPSEC connections which use virtual tunnel interfaces on the devices at > each end of the tunnel. Once an IPSEC connection is made between the two > devices you can uses firewall rules to filter traffic on these > interfaces as well as route networks through them.
... > Is it possible to achieve this with OpenBSD? Yes, you can protect comms between vpn endpoints, and then run gif(4) or gre(4) tunnels on top of that. You should be able to run OSPF over gif(4), I don't think you can run it over gre(4) on OpenBSD at the moment.