Interfaces GRE
-
Hi all,
I'm preparing a full mesh VPN IPSec over GRE design. We will have many sites.
How many GRE interfaces is possible to set in PFSense 2.0 ?Thanks for your help.
Stephane
-
There aren't any limits in the GUI
-
With regard to creating fully-meshed IPSEC VPNs consisting of many sites, does pfsense support something like Cisco's VTI (Virtual Tunnel Interface) tunnel technology ?
Juniper calls it "Secure Tunnel Interface", Fortinet calls it "Interface mode IPSEC" and all are compatible with each other..
-
pfSense 2.0 support both Tunnel mode (the mode everyone is used to) as well as Transport mode, which just encrypts between the endpoints, and then you run your own GIF/GRE/Whatever on top of that.
I'm not sure what mode they run in for that kind of setup, but either way it can probably be made to work.
-
Thx jimp, I'll look into it.
Basically what I had in mind was a setup of OSPF over GRE over IPSEC, such as the one described at http://forums.juniper.net/t5/SRX-Services-Gateway/srx-210-and-cisco-870-ospf-over-gre-over-ipsec/td-p/35672
-
Hi dhatz,
That's what I'm trying to do also. Although I'm able to ping all hosts, I've an issue when I try to access a webpage. See my other post : http://forum.pfsense.org/index.php/topic,41522.0.html.
Feel free to ask question about the conf if you need help.
