VPN over IPsec
Eric Anderson
anderson at centtech.com
Wed Dec 31 21:20:59 UTC 2003
axiom said:
> I have a question regarding the document that talks about "VPN over
> IPsec".
> I'm trying to create the interface gif0 at boot time and am adding the
> following to my /etc/rc.conf according to your document:
>
> gifconfig_gif0="A.B.C.D W.X.Y.Z"
> ifconfig_gif0="inet 192.168.1.1 192.168.2.1 netmask 0xffffffff"
> static_routes="vpn"
> route_vpn="192.168.2.0 192.168.2.1 netmask 0xffffff00"
>
> I've obviously changed the IP address schemes to fit my network.
>
> Using this same documentation on "VPN over IPsec" I can setup the gif0
> interface manually with no problems and everything works. I just don't
> want
> to have to set it up manually every time I reboot.
>
> Any suggestions on why the setup to /etc/rc.conf from your documentation
> doesn't work?
You've really answered your own question in the next paragraph.
Basically, the device doesn't exist yet, so it can't run these settings on
an interface that does not exist. It must first be created.
>
> ******************************************************************
>
> One other thing i'd like to point out on that document is that when you
> tell
> the user to run "gifconfig gif0 A.B.C.D W.X.Y.Z" it doesn't work. You must
> first create gif0 with "ifconfig gif0 create" and then continue with your
> documentation.
The documentation should be updated to reflect this. This is the old way
of doing it, when gif interfaces were set in-kernel. This changed
somewhere around FreeBSD 4.4ish I believe.
Does anyone know the correct way to create an interface on system boot,
before network is started? Or is this a piece for a /usr/local/etc/rc.d/
script?
Eric
-------------------------------------------------------------
Eric Anderson anderson at centtech.com Centaur Technology
You have my continuous partial attention
-------------------------------------------------------------
More information about the freebsd-doc
mailing list