Interfaces GRE

Stephane

Hi all,
I'm preparing a full mesh VPN IPSec over GRE design. We will have many sites.
How many GRE interfaces is possible to set in PFSense 2.0 ?

Thanks for your help.

Stephane

jimp

There aren't any limits in the GUI

dhatz

With regard to creating fully-meshed IPSEC VPNs consisting of many sites, does pfsense support something like Cisco's VTI (Virtual Tunnel Interface) tunnel technology ?

Juniper calls it "Secure Tunnel Interface", Fortinet calls it "Interface mode IPSEC" and all are compatible with each other..

jimp

pfSense 2.0 support both Tunnel mode (the mode everyone is used to) as well as Transport mode, which just encrypts between the endpoints, and then you run your own GIF/GRE/Whatever on top of that.

I'm not sure what mode they run in for that kind of setup, but either way it can probably be made to work.

dhatz

Thx jimp, I'll look into it.

Basically what I had in mind was a setup of OSPF over GRE over IPSEC, such as the one described at http://forums.juniper.net/t5/SRX-Services-Gateway/srx-210-and-cisco-870-ospf-over-gre-over-ipsec/td-p/35672

Stephane

Hi dhatz,

That's what I'm trying to do also. Although I'm able to ping all hosts, I've an issue when I try to access a webpage. See my other post : http://forum.pfsense.org/index.php/topic,41522.0.html.

Feel free to ask question about the conf if you need help.