[Openswan Users] please help with gre over ipsec

Dmitry Melekhov dm at belkam.com
Tue Nov 1 15:24:23 CET 2005


Hello!

I need to pass ospf traffic over ipsec tunnel, so looks like I need to 
use gre.

Currently I have following connection:

conn ludoshur
        type=tunnel
        left=172.16.4.2
        leftsubnet=%default
        leftnexthop=172.16.4.1
        right=172.16.4.34
        rightsubnet=192.168.72.0/24
        rightnexthop=172.16.4.33
        keylife=1h
        auto=start
        authby=secret
        compress=yes


Looks like I need to remove type=tunnel to make it point to point.
What else do I need to change?

As I understand then I need to create tunnel.

IMHO, on 72 side I need something like this

ip tunnel add tun0 mode gre local 172.16.4.34 remote 172.16.4.2

Is this right?

Sorry for asking such questions, but it not easy to do expirements on 
high loaded hardware ;-)




More information about the Users mailing list