NetBSD-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

gre tunnel problem

I'm trying to emulate a cisco's behavior when creating an IPSEC + GRE tunnel to 
a fortigate device. IPSEC is working fine with racoon, but I can't quite figure 
out how to get the gre device on the netbsd device configured in such a way 
that the fortigate will route packets back over the tunnel. That's context -- 
the issue is seems to be failing to setup the gre device properly

Here the basic setup

10.8.199/24 --- Host A(netbsd, public A.B.C.D) <---
                                --> Host B(fortigate, public 

Host A's view

ifconfig gre1 create
ifconfig gre1 netmask 
ifconfig gre1 tunnel A.B.C.D E.F.G.H
route add -net 10.130.6/24

using the unused private addresses as interior endpoint which all seems to be 
fine, but I can't ping on host A since it still thinks this address 
should be reached via the default route. ping -r similarly fails. ( and of 
course, I can't ping or anything on the remote subnet )

Am I missing something here? The "fix" section of PR 43317 indicates what I'm 
doing above should work.

Any help would be appreciated. 

Harry Waddell

Home | Main Index | Thread Index | Old Index