[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPv6 'giftunnel' via IPSEC?

To: misc@openbsd.org
Subject: IPv6 'giftunnel' via IPSEC?
From: Adrian Close <adrian@close.wattle.id.au>
Date: Mon, 17 Jun 2002 18:25:21 +1000 (EST)

Hi all,

Yes, I'm back with another weird 'n' wonderful IPSEC scenario.

I'm in the process of decommisioning a modem link between two sites whose
sole remaining purpose in life is to provide IPv6 connectivity.  I'd like
to move this to the somewhat faster ADSL variety.

I already have working IPSEC-secured IPv4 connectivity between the two
sites.  I'm trying to set up a 'giftunnel' for IPv6 transport via this
IPSEC tunnel (e.g. 'ifconfig gif0 giftunnel <site_A_ip> <site_B_ip>').

The tricky bit is that <site_B_ip> is reachable only via the IPSEC tunnel
from site A (but this shouldn't matter, right?), because the address of
its ADSL link is dynamically assigned.

Unfortunately, I can't get a reply to ping6's of the link-local addresses
from either side.  I see the packets coming in on the respective enc0
interfaces, but no replies go out.

Any ideas you might have on the topic would be appreciated!  If this
doesn't work I might have to resort to running IPv6/PPP/UDP/IPSEC/IP, and
that would really be ugly...  ;)

Thanks,

Adrian Close			email:	adrian@close.wattle.id.au
1 Old Gippsland Rd.		web:	http://www.close.wattle.id.au/~adrian
Lilydale, VIC, 3140, Australia	mobile:	+61 412 385 201

Prev by Date: Re: Aperture, security
Next by Date: Re: wi0: wi_cmd failed with 60
Prev by thread: Re: preventing stop condition
Next by thread: Packetfilter using OBSD Bridging or classical Approach ?
Index(es):
- Date
- Thread