Hi all,

Yes, I'm back with another weird 'n' wonderful IPSEC scenario.

I'm in the process of decommisioning a modem link between two sites whose
sole remaining purpose in life is to provide IPv6 connectivity. I'd like
to move this to the somewhat faster ADSL variety.

I already have working IPSEC-secured IPv4 connectivity between the two
sites. I'm trying to set up a 'giftunnel' for IPv6 transport via this
IPSEC tunnel (e.g. 'ifconfig gif0 giftunnel <site_A_ip> <site_B_ip>').

The tricky bit is that <site_B_ip> is reachable only via the IPSEC tunnel
from site A (but this shouldn't matter, right?), because the address of
its ADSL link is dynamically assigned.

Unfortunately, I can't get a reply to ping6's of the link-local addresses
from either side. I see the packets coming in on the respective enc0
interfaces, but no replies go out.

Any ideas you might have on the topic would be appreciated! If this
doesn't work I might have to resort to running IPv6/PPP/UDP/IPSEC/IP, and
that would really be ugly... ;)

Thanks,

Adrian Close email: adrianclose.wattle.id.au
1 Old Gippsland Rd. web: http://www.close.wattle.id.au/~adrian
Lilydale, VIC, 3140, Australia mobile: +61 412 385 201

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]