ipsec setup question

From: Alwyn Goodloe (agoodloe@gradient.cis.upenn.edu)
Date: 01/07/02


Date: Mon, 7 Jan 2002 13:49:19 -0500 (EST)
From: Alwyn Goodloe <agoodloe@gradient.cis.upenn.edu>
To: <freebsd-security@FreeBSD.ORG>


 Hi folks, I am trying to set up an IPV4 over IPV4 tunnel on a testbed of
four systems I have setup for research. Because its research my configuration
is probably a bit different than most of you would run in practice.
The first test would have a tunnel bewteen the two ends of the network.
(You can think of this as the client and server both acting as gateways
with two routers in between).

From the somewhat limited documentation I did the
following:

gifconfig gif0 inet 192.168.1.3 192.168.5.12
ifconfig gif0 inet 192.168.1.3 192.168.5.12
route add -net 192.168.5.12 -interface gif0

Unfortunately I get the error message:

error_message=/kernel:gif_out:recursively called too many times

Anyone got any ideas??

Also I would like to nest tunnels and by that I mean

say have an end to end tunnel with ESP but have each intermediate router
(there are two of them) check AH headers on the packet. Anyone see any
problems with this.

Alwyn Goodloe
agoodloe@gradient.cis.upenn.edu

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message