Vyatta:
vyatta@vyatta1-site1:~$ show configuration
interfaces {
ethernet eth0 {
address 192.168.1.1/24
duplex auto
hw-id 00:0c:29:00:a3:d7
smp_affinity auto
speed auto
}
ethernet eth1 {
address dhcp
duplex auto
hw-id 00:0c:29:00:a3:e1
smp_affinity auto
speed auto
}
loopback lo {
}
tunnel tun0 {
address 192.168.10.1/30
description "GRE TUNNEL TO SITE2"
encapsulation gre
local-ip 10.1.1.2
multicast enable
remote-ip 10.2.2.3
ttl 255
}
}
protocols {
ospf {
log-adjacency-changes {
}
parameters {
abr-type cisco
rfc1583-compatibility
router-id 2.2.2.2
}
}
static {
route 0.0.0.0/0 {
next-hop 10.1.1.1 {
}
}
}
}
service {
nat {
rule 1 {
outbound-interface eth1
source {
address 192.168.1.0/24
}
type masquerade
}
}
interfaces {
ethernet eth0 {
address 192.168.1.1/24
duplex auto
hw-id 00:0c:29:00:a3:d7
smp_affinity auto
speed auto
}
ethernet eth1 {
address dhcp
duplex auto
hw-id 00:0c:29:00:a3:e1
smp_affinity auto
speed auto
}
loopback lo {
}
tunnel tun0 {
address 192.168.10.1/30
description "GRE TUNNEL TO SITE2"
encapsulation gre
local-ip 10.1.1.2
multicast enable
remote-ip 10.2.2.3
ttl 255
}
}
protocols {
ospf {
log-adjacency-changes {
}
parameters {
abr-type cisco
rfc1583-compatibility
router-id 2.2.2.2
}
}
static {
route 0.0.0.0/0 {
next-hop 10.1.1.1 {
}
}
}
}
service {
nat {
rule 1 {
outbound-interface eth1
source {
address 192.168.1.0/24
}
type masquerade
}
}
pfSense:
TO DO:
Secure tunnels with IPSEC + Firewall rules on both sides
Enable dynamic routing between sites.
Thank you for this post. I haven't found any others that come close to explaining the flow of the GRE configuration on pfsense this well.
ReplyDeleteThanks a lot!
ReplyDelete