From: Garry Glendown (garry_at_glendown.de)
Date: Tue Jul 30 2002 - 13:58:09 CEST
Jon Erdman wrote:
> Garry Glendown wrote:
>
>> After trying to solve this for a while now, I'm kind of out of options
>> ...
>>
>> OK, here's the setup ...
>>
>> external net --- Cisco --- DSL-Router --- INTERNET --- Linux
>> |
>> --- Cisco
>>
>> The DSL Router is a LinkSys VPN router, and the plain VPN connection
>> between it and FreeS/WAN is up and running fine (AFAIK).
>> I need to connect an external net (with official IPs) through the VPN,
>> which I had planed to do using a GRE tunnel between the two Cisco
>> routers.
> I don't get it. What's the point of the 2 Cisco devices? Why add a GRE
> tunnel over an IPSec tunnel?
>
> It seems to me you already have what you want, just by virtue of the
> freeswan to linksys connection.
OK, I do need the router on the left anyway to feed a 128k ISDN leased
line. I came up with the GRE-Tunnel after trying it differently -
without success ... (without improvement it seems). Point is I need to
feed a publicly announced network through the tunnel to the Cisco on the
left and the link behind it... I'm more than willing to try a different
approach ... suggestions welcome ...
Actually, why I thought I should try with a GRE tunnel: The IPs used
from the machines behind the 128k LL will always need to go THROUGH the
tunnel, not around it, otherwise they would be masqueraded by the DSL
router. On the other hand, there are local clients (in the same local
net as the Cisco/DSL-Router that may use the internet w/o going through
the tunnel ...) Easiest way to do that IMO is terminate the GRE tunnel
with the Cisco und just feed everything except the connection to the
other end through that tunnel ...
-gg
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.4 : Mon Aug 05 2002 - 21:01:34 CEST