Re: [LARTC] VPN through PPP

2005-10-14 Thread BUCHMULLER Norbert
On Tue, 11 Oct 2005 14:40:10 +0200
Steve Comfort [EMAIL PROTECTED] wrote:

Hi,

I can't understand your diagram either. :-(

Let's suppose you have 2 hosts, host A and host B, each has an outer
(public) and an inner (local) interface. The outer interfaces have the
IP addresses Apub and Bpub respectively, and the inner networks have the
address spaces Aloc and Bloc, respectively. Also we make use of another
pair of IP addresses, for the tunnel interfaces (10.10.10.1 and
10.10.10.2).

Then the right commands would be:

host A:

ip tunnel add net0 mode gre remote Bpub local Apub
ip address add 10.10.10.1/32 dev net0
ip link set net0 up
ip route add Bloc dev net0

host B:

ip tunnel add net0 mode gre remote Apub local Bpub
ip address add 10.10.10.2/32 dev net0
ip link set net0 up
ip route add Aloc dev net0

If the tunnel works, you can ping 10.10.10.2 from host A (and 10.10.10.1
from host B); if the routing works as well, you can ping the other inner
network from each host.

> I do have a firewall, configured to do NAT on the PPP interface. I have
> also tried excluding the destination addresses from being NAT'd but this
> didn't make any difference.

Just a quick question: you do not filter out GRE (IP protocol 47) on the
firewall? (NATing GRE is a bad idea as well - it does not work AFAIK.)

And don't forget that the GRE tunnel transmits all the traffic
unencrypted, so only use it on a trusted network. (Not even on that.:-)


norbi
___
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
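
The reply above asks two things about the firewall: whether GRE (IP protocol 47) is filtered, and whether it is being NATed. The following is an added example, not part of the original thread, that checks both against `iptables-save` output. It assumes the firewall is iptables and that `ppp0` is the NAT interface; the function name `gre_findings` and both rulesets are constructed for illustration.

```shell
# Added example: audit iptables-save output for rules that interfere with GRE.
# Heuristic: only rules that name the protocol (-p gre / -p 47) count as
# explicit GRE rules; catch-all ACCEPT rules are not analysed.
# usage: iptables-save | gre_findings <wan-interface>
gre_findings() {
    awk -v wan="$1" '
    /^\*/ { table = substr($0, 2); next }            # "*nat", "*filter", ...
    table == "filter" && /^:INPUT / { policy = $2 }  # ":INPUT DROP [0:0]"
    { gre = ($0 ~ /-p (gre|47)( |$)/); anyproto = ($0 !~ / -p /) }
    table == "filter" && /^-A INPUT / && gre && / -j ACCEPT/ { accepted = 1 }
    table == "nat" && /^-A POSTROUTING / {
        if (gre && / -j (ACCEPT|RETURN)/)
            exempt = 1     # GRE leaves the chain before any NAT rule below
        else if (!exempt && (gre || anyproto) && / -j (MASQUERADE|SNAT)/ &&
                 $0 ~ ("-o " wan "( |$)"))
            natted = 1
    }
    END {
        if (policy == "DROP" && !accepted)
            print "filter: INPUT policy is DROP and no rule accepts GRE (IP protocol 47)"
        if (natted)
            print "nat: GRE leaving " wan " is rewritten by MASQUERADE/SNAT"
        exit (policy == "DROP" && !accepted) || natted
    }'
}

# Constructed sample, shaped like iptables-save output from a NAT gateway.
SAMPLE_RULES='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# Same ruleset with GRE exempted from NAT and accepted on INPUT.
SAMPLE_FIXED='*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o ppp0 -p gre -j ACCEPT
-A POSTROUTING -o ppp0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
-A INPUT -p gre -j ACCEPT
COMMIT'

printf '%s\n' "$SAMPLE_RULES" | gre_findings ppp0 || true
```

The function exits non-zero when it reports a finding, so it can gate a tunnel bring-up script.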


[LARTC] VPN through PPP

2005-10-11 Thread Steve Comfort

Hi all,

This is probably not the right place for this question, but maybe
someone can help me out. I am trying to set up a VPN between two private
addresses, using iproute2 (which is my only excuse for mailing this list).


The setup is as below :
  
      eth0              ppp0        Wireless        ppp0              eth0
192.168.200.202   192.168.94.134   ----------   192.168.94.132   192.168.2.200



Both eth0 (strictly ixp1) and ppp0's are on wireless boards that we make.

I have basically followed the VPN Howto and done the following :

 ip tunnel add net0 mode gre remote 192.168.2.200 local 192.168.200.202 ttl 255 dev ppp0

 ip link set net0 up
 ip addr add 192.168.200.202 dev net0
 ip route add 192.168.2.0/24 dev net0

I have tried various combinations of the above, using the ppp IP address 
for remote and the eth0 for local, etc, etc. (4 possible combinations).


I do the reverse on the other end of the tunnel, but do not see any 
traffic over this lot. I am able to ping and ssh between the two 
wireless boxes.


I do have a firewall, configured to do NAT on the PPP interface. I have
also tried excluding the destination addresses from being NAT'd but this
didn't make any difference.


Any suggestions would be greatly appreciated.

Best regards
Steve Comfort




Re: [LARTC] VPN through PPP

2005-10-11 Thread /dev/rob0
On Tuesday 2005-October-11 07:40, Steve Comfort wrote:
> The setup is as below :

Your ASCII diagram was not clear.

> I have basically followed the VPN Howto and done the following :

Are you talking about the old one from TLDP?

> Any suggestions would be greatly appreciated.

Perhaps not much help, but I use http://openvpn.org/
-- 
mail to this address is discarded unless /dev/rob0
or not-spam is in Subject: header


Re: [LARTC] VPN through PPP

2005-10-11 Thread Dariusz Dwornikowski
you could use openvpn 

-- 
*Dariusz 'tdi' Dwornikowski | Gentoo | admin at pozman.pl |
*[JID]:[EMAIL PROTECTED]|[gg]:2266034|[IRC]:[EMAIL PROTECTED]   |
*[MAIL]:[EMAIL PROTECTED]|[WWW]:www.tdi.pozman.pl | 
*Servers, administration, webapps - www.ProAdmin.com.pl  |
*Fingerprint:43E21CC46DAFD2F754E91547D59B39F56AAA4B5F |