Tunneling issues
Mike Tancsa
mike at sentex.net
Fri Jul 4 01:55:50 UTC 2008
At 03:15 PM 7/3/2008, zaphod at fsklaw.com wrote:
>I have a real poser, and I can't solve it.
>
>Currently I have an ipsec vpn tunneling 14 servers through a central server.
>
>I would like to restructure this so that each server talks to each other
>directly, rather than passing everything through a single server.
>
>However, on every other machine I cannot get a second tunnel to come up.
>Not a gre or gif tunnel. And yet I have 14 on the central machine.
You would need a lot of policies on each of the boxes (14) but there
is no reason it should not work. Does each of the sites have a unique
subnet? Do they have static IP addresses?
An easier solution might be to use something like OpenVPN which
allows all the boxes to auth and route through a single server, but
they can also talk to each other with a single config option.
---Mike
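
Added example, not part of the original message: a sketch of what "a lot of policies on each of the boxes" means for a 14-site full mesh, printing the setkey(8) SPD entries one site needs and checking the unique-subnet precondition first. The site names, the 10.0.N.0/24 LANs and the 192.0.2.N public addresses are constructed assumptions; security associations (keys or an IKE daemon) are not covered.

```shell
#!/bin/sh
# Constructed site table, one line per site: "name lan public_ip".
# Assumption: site N uses LAN 10.0.N.0/24 and static address 192.0.2.N.
site_table() {
    n=1
    while [ "$n" -le 14 ]; do
        echo "site$n 10.0.$n.0/24 192.0.2.$n"
        n=$((n + 1))
    done
}

# Succeeds only if no LAN prefix appears twice in the table on stdin.
# SPD selectors match on prefixes, so two sites with the same LAN cannot
# be told apart. (Exact-match check only; it does not detect overlapping
# prefixes of different lengths.)
unique_lans() {
    dup=$(awk '{ print $2 }' | sort | uniq -d)
    [ -z "$dup" ]
}

# Print the SPD entries for local site $1, reading the table on stdin:
# one "out" and one "in" tunnel policy per remote site.
mesh_policies() {
    awk -v me="$1" '
        { lan[$1] = $2; ip[$1] = $3 }
        END {
            if (!(me in lan)) exit 1
            for (p in lan) {
                if (p == me) continue
                printf "spdadd %s %s any -P out ipsec esp/tunnel/%s-%s/require;\n",
                       lan[me], lan[p], ip[me], ip[p]
                printf "spdadd %s %s any -P in ipsec esp/tunnel/%s-%s/require;\n",
                       lan[p], lan[me], ip[p], ip[me]
            }
        }'
}

# Stand-alone run: verify the table, then print the policies for site1.
site_table | unique_lans && site_table | mesh_policies site1
```

With 14 sites each box carries 13 peers x 2 directions = 26 entries, which is the per-box policy count the mesh implies.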