Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Help me on the interface GIF

    IPsec
    2
    3
    451
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JMizuno
      last edited by JMizuno

      Hi everyone,
      I am trying to bring 192.168.10.0/24 subnet from Japan to Australia as we need to broadcast from Australia to detect the device in Japan. (BNJ Discovery Protocol is used)
      Currently I am using Windows OpenVPN TAP bridge to achieve this which is not that stable.
      2 sites are already connected via VTI IPSec.

      I was advised that GIF could make it but I think not many people have tried this and I don't know how to configure GIF please?

      Could someone help me to setup GIF.

      • Parent Interface
      • GIF Remote Address
      • GIF tunnel local address
      • GIF tunnel remote address
      • GIF tunnel subnet

      pfSense 2.4.5 running on ESXi

      Thanks for your support in advance.

      607f707b-78bc-48c9-8d6b-6e0d1ac829f3-image.png

      K 1 Reply Last reply Reply Quote 0
      • K
        Konstanti @JMizuno
        last edited by Konstanti

        @JMizuno
        Hi
        For bridging networks at the L2 level, you can try

        1. Configure an Openvpn tunnel between two PFSense (client + server ) in Tap Mode
          08fb9072-8474-4152-932e-fe6662b6f249-image.png

        or

        1. Use the Netgraph network subsystem ( it is built into the PF kernel ).
          To solve this problem, you will need the following modules :
          ng_ether, ng_bridge, ng_ksocket .

          https://www.freebsd.org/cgi/man.cgi?netgraph(4)

          [2.4.4-RELEASE][admin@pfSense.localdomain]/root: kldstat -v | grep ng_
          547 ng_socket
          532 ng_ether
          531 ng_eiface
          546 ng_rfc1490
          545 ng_pred1
          530 ng_echo
          544 ng_pptpgre
          543 ng_pppoe
          529 ng_deflate
          542 ng_ppp
          522 ng_UI
          541 ng_pipe
          528 ng_cisco
          527 ng_car
          540 ng_one2many
          539 ng_mppc
          526 ng_bridge
          538 ng_lmi
          537 ng_l2tp
          523 ng_async
          536 ng_ksocket
          525 ng_bpf
          535 ng_iface
          534 ng_hole
          533 ng_framerelay
          552 ng_vlan
          551 ng_vjc
          550 ng_tty
          549 ng_tee
          548 ng_tcpmss

        J 1 Reply Last reply Reply Quote 1
        • J
          JMizuno @Konstanti
          last edited by JMizuno

          @Konstanti Thanks for that, yeah currently I am using OpenVPN Tap with interface bridged as I mentioned in my post. However it is not stable. I tried Open VPN client on pfSense but ping can drop a lot so I tried OpenVPN client on Win2016 server and found that Windows client is better but still unstable.
          That is the main reason why I started looking GIF tunnel option.
          Since psSense to pfSense IPSec tunnel is very stable I think it is not bandwidth issue.

          Thanks for your advice.

          Regards

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.