Subject: Re: Tunnelling in NetBSD - Query:
To: J. Buck Caldwell <buckaroo@igps.org>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: netbsd-users
Date: 12/07/2000 21:06:36
On Thu, Dec 07, 2000 at 10:48:25AM -0600, J. Buck Caldwell wrote:
> I'm getting ready to set up a remote site here at work, and we need to
> build a VPN or tunnel (preferably able to carry IPX as well as IP
> traffic) between our two networks. We currently use a NetBSD 1.4.3
> machine here to provide NAT & gateway service here at the main office,
> and will be setting up a NetBSD 1.5 machine at the new office (and
> upgrading the one here to 1.5 as well).
>
> Here's the current layout:
>
> Corporate Office:
> Public Interface: IP Address 9.9.9.40 /29 - default 9.9.9.46 (DSL
> Router).
> Private Interface: IP Address 192.168.0.1 /24
> IPF & NAT set up & working. Cisco Router at 192.168.0.250 routes to
> branch networks 192.168.x.0 /24, where x is the branch number. Branches
> hooked up via Frame Relay.This all works fine.
>
> New Branch:
> Too small to pay for Frame Relay, but hooking into host site's existing
> IP network.
> Public Interface: IP Address 8.8.8.37 /24
> Private Inteface: IP Address 192.168.12.1 /24 (12=branch number)
> IPF & NAT set up & working.
>
> I need to build a tunnel allowing packets to be sent from 192.168.12.x
> to 192.168.x.x and back and forth etc. Also, if possible, the tunnel
> should accept IPX traffic, but that can be sacrificed if need be.
>
> Am I going to need to use package VTUN to do this, or does NetBSD have a
> way built-in to do this?
You can use a gif tunnel for that, see gif(4). You may also want to use
ipsec to carry the tunnel packets if you care about security.
--
Manuel Bouyer <bouyer@antioche.eu.org>
--