On 2010-03-30, Girish Venkatachalam <[email protected]> wrote: > Dear all, > > I find no explicit mention of how to encapsulate and decapsulate IPsec > protected packets in tunnel mode. > > Are we supposed to use gre0 or gif0 interface to add routes? > > I am able to create SAs using automatic keying with isakmpd and 1 line > in ipsec.conf.
If you describe your configuration, the output from the relevant commands (e.g. sudo ipsecctl -sa, netstat -n), what if any changes you've made to PF rules to accommodate the vpn, how you're testing, etc, perhaps someone can help. > But I am unable to connect two private networks. How to achieve that? the simplest way is basically: setup automatic keying, add an ike esp... line to ipsec.conf, turn on IP forwarding, make sure the firewall is setup correctly, and that's about it.
