search for: tun1

Is there a way to get rid of all the routes in a routing table ? This is more or less what I do: route add 146.64.80.0/24 192.168.0.100 route add 146.141.0.0 -interface tun1 route add 146.182.0.0 -interface tun1 route add 146.230.0.0 -interface tun1 netstat -rn inet 146.64.80.0/24 192.168.0.100 UGS 0 0 sis0 146.141.0.0/16 tun1 US 0 0 tun1 146.182.0.0/16 tun1 US 0...

Hi! Can I create the unnumbered GRE tunnel with iproute2 utility? Can someone provide me a link/howto/example_config how to do it? The topology is one tunnel between two linux boxes: -- eth1-|__|-eth0 <-------------> eth0-|__|-eth1 -- I''m trying now with: ip tu add tun1 mode gre local loc.IP remote rem.IP ttl 255 dev eth0 ip addr add tun1 0.0.0.0 ip link set tun1 up but it doesn''t succeed.. Thanks in advance for any help! -- WBR Sagi Sh _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-b...

...cp", which has two parts: http://www.tinc-vpn.org/examples/simple-bridging-with-dhcp-server-side/ http://www.tinc-vpn.org/examples/simple-bridging-with-dhcp-client-side/ I have altered two things to fit my needs, 1) DHCP server(host:pek1) is on client side ethernet, so I have bridged eth0 and tun1 together; 2) Network/Server/Client Names. The problem I have is, tinc connect can be established, but the tun1 on tinc server(host:nrj1) didn?t get IP address. Could be anything I missed in my configurations? Regards, Quan Zhou +------------------------+ |pub [expires 2015-09-05]| |44D2 0307 16...

Hi, I'm trying a VPN via ssh between Linux (Suse 10.3, 5.0) and OpenBSD (4.2, 4.7). But it doesn't work... On Linux: sudo ssh -v -f -w 0:1 $OPENBSD true sudo /sbin/ifconfig tun0 10.1.1.1 10.1.1.2 sudo /sbin/route add -net 192.168.17.0 netmask 255.255.255.0 dev tun0 On OBSD: sudo ifconfig tun1 10.1.1.2 10.1.1.1 netmask 255.255.255.0 sudo /sbin/route add 10.0.3.0/24 10.1.1.1 And add a "pass quick on tun1" to /etc/pf.conf Then I have: - Linux: tun0 Link encap:UNSPEC HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00 inet addr:10.1.1.2 P-t-P:10.1.1.2 Mask:255...

...N interfaces that are connected with each other. With these two additional virtual TUN interfaces, I *THINK* I can split the routing in to multiple tables. The main routing table would contain lo, eth0 (WISP), tun0, and eth2 (internal LAN). While the virtualRouter routing table would contain tun1 and eth1 (ADSL). If I use ip rule(s) to determine which routing table to use, I think I can get the system to virtually act like two different routers. The hope is that I can put a common subnet on tun0 and tun1 that exists in both routing tables, but with only one interface local to each rou...

...ress each, called '2norte', '4norte' and '6norte', respectively. * Each of the Linux gateways has five network interfaces: two physical (eth0 and eth1), for Internet and LAN connections, the loopback interface (lo) and two virtual interfaces for the VPN link (tun0 and tun1). They all accept all kind of traffic, both incoming and outgoing, as there are NO firewall filtering rules on them (yet) except for masquerading of outgoing connections to the Internet. * On the tunX interfaces the gateways have 10.0.0.X IP addresses, which are the VPN links. * Each of th...

...04:23:ab:44:ca brd ff:ff:ff:ff:ff:ff inet 192.168.170.1/24 brd 192.168.170.255 scope global eth4 7: eth5: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ether 00:04:23:ab:44:cb brd ff:ff:ff:ff:ff:ff inet 192.168.124.249/24 brd 192.168.124.255 scope global eth5 8: tun1: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ppp inet 192.168.254.5 peer 192.168.254.6/32 scope global tun1 9: tun0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1500 qdisc pfifo_fast qlen 100 link/ppp inet 192.168.254.1 peer 192.168.254.2/32 scope g...

...child process, where the tunnel is dynamically allocated, its tunnel name is lost. This patch remedies this. It is very simple. All it does is put the tunnel name in the environment if one is set up. IE ssh to a server with "-w any" and the executed command will have (e.g.) SSH_TUNNEL=tun1 if tun1 was allocated. On *BSD, this will look more like '/dev/tun1'. I have tested this patch on Linux. It should work equally well on OpenBSD and FreeBSD (it's really very simple) but someone should test this. Patch is against 5.1p1. [this is my first patch against openssh so pleas...

...low. root@statler:/etc/shorewall# cat zones | grep -v ^# net Net Internet loc Local Local networks dmz DMZ Demilitarized zone vpn VPN Remote Subnet root@statler:/etc/shorewall# cat interfaces | grep -v ^# net eth0 detect vpn tun1 detect root@statler:/etc/shorewall# cat tunnels | grep -v ^# openvpn:1194 net 0.0.0.0/0 root@statler:/etc/shorewall# root@statler:/etc/shorewall# shorewall version 2.0.13 And yet i get as below when telnetting to 10.4.0.1:25 from a host on my LAN. So i am prolly missing something sim...

...CEPT vpn4 fw ACCEPT vpn4 net ACCEPT where tunnels entry is openvpn:50001 net 137.p.q.r vpn4 On homefw, the route table becomes # ip route sho 10.1.10.2 dev tun0 proto kernel scope link src 10.1.10.1 216.x.y.z via 10.1.1.2 dev tun1 10.1.1.2 dev tun1 proto kernel scope link src 10.1.1.1 216.12.22.64/26 dev eth0 proto kernel scope link src 216.12.22.89 216.12.22.64/26 dev ipsec0 proto kernel scope link src 216.12.22.89 192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.254 192.168.10.0/24 via 10.1.10...

...box and eth0 and eth1 are for two Internet connections. They have imq0 and imq1. All traffic shaping works fine. Internal eth2 does no traffic shaping. But recently I have put two OpenVPN tunnels (tun devices) and both work via eth0. So my question is - how to shape the traffic on these tun0 and tun1 devices? Thanks Remus

Hi everybody, I want to do the following setup : | | Tun1 - Link 1 | Tun1 | | Router A | teql | INTERNET Link - | | teql |router B | | Tun2 - Link 2 | Tun2 | | This should permit to agregate Link 1 and Link 2 (less the cost of the encapsulation). The two tunnels are GRE ip tunnel...

Hi all, I have finally got tinc working, but it?s only between server/client. Client can receive broadcast packets from server ethernet, and pings between them is fine. If I ping tinc client(192.168.88.166) from any machine in my server lan, 192.168.88.0/24, all packets timed out, and nothing received by the client. Any ideas? Thanks! Regards, Quan Zhou +------------------------+ |pub

Hello all, Yesterday I noticed that my system was "leaking" traffic towards the 10/8 network, I have shorewall installed on multiple machines ranging from single interface devices to ones with 10+ interfaces. I tested all the boxes and they are showing the same behavior. All systems are CentOS 3.4, 2.4.21-27.0.2.ELsmp. Shorewall version: 2.2.1 For the host mentioned is a single

Hi, I don't know, if this is a developer question, but it is too strange for the user list and maybe a possible bug. My setup is a little bit complicated, but I will try to explain as simple as possible. I've got 3 server: All Server: System: Debian 6 Interfaces on server1: eth0 tun0 tun1 $ ssh -v OpenSSH_5.5p1 Debian-6+squeeze1, OpenSSL 0.9.8o 01 Jun 2010 Server 1 is for connecting and tunneling via ssh, let's say public ip 123.1.1.1. If I connect to Server 1, I can surf the web with the server 1 ip - fine! Server 2 is in the same network, let's say public ip 123.1.1.2. I...

...auth /etc/openvpn/taontorus.key 1 doug at wind:~$ route Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface default 192.168.1.1 0.0.0.0 UG 0 0 0 eth0 10.8.1.0 10.8.1.14 255.255.255.0 UG 0 0 0 tun1 10.8.1.14 * 255.255.255.255 UH 0 0 0 tun1 10.8.20.0 10.8.20.14 255.255.255.0 UG 0 0 0 tun2 10.8.20.14 * 255.255.255.255 UH 0 0 0 tun2 link-local * 255.255.0.0 U 1000 0 0 eth0 192.168....

...inet 81.50.114.213 --> 81.50.114.1 netmask 0xffffff00 Opened by PID 68 tun2: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 inet6 fe80::250:8dff:fe47:e567%tun2 prefixlen 64 scopeid 0xa inet 10.0.2.1 --> 10.0.3.1 netmask 0xff000000 Opened by PID 258 tun1: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1500 inet 10.0.2.1 --> 192.168.1.1 netmask 0xff000000 inet6 fe80::250:8dff:fe47:e567%tun1 prefixlen 64 scopeid 0xb Opened by PID 3290 - this is what ifconfig looks like IN the jail : rl0: flags=8843<UP,BROADCAS...

...bug when using the "+" wildcard notation in the interfaces file, in that rules are not generated in the fwd chain to permit traffic going out an interface with a "+" in it. [Details] The interface entries: loc tun0 detect routeback,newnotsyn loc tun1 detect routeback,newnotsyn loc tun2 detect routeback,newnotsyn and loc tun+ detect routeback,newnotsyn do not seem to be equivalent because the latter won''t create a rule in the "tun_fwd" chain allowing traffic between different tun interfaces. Explicitl...

...know where to send back packets. Any suggestion is really welcome. As better explain than my english I add here some rules and info. HOST A HOST B -------- -------- eth0 tun1 tun1 eth0 111.111.111.111 192.168.1.10 192.168.1.20 172.20.32.1 eth0:1 111.111.111.112 HOST A #masq what is coming from HOST B ipchains -A forward -s 192.168.1.20/32 -d 0.0.0.0/0 -j MASQ #masq what goes to HOST B #ipchains -A forward -s 0.0.0.0/0 -...

...th CentOS5 and CentOS6 and they both work as advertised! Downgrading the OS is not an option! CentOS5/6 gives me: ****************** tap1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 500 link/ether 9e:9e:44:9e:49:4c brd ff:ff:ff:ff:ff:ff CentOS7 gives me: **************** tun1: <POINTOPOINT,MULTICAST,NOARP> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 500 link/none So, what's broken in 7 - or is it that it requires something different? Cheers, ak. [0]: http://la11111.wordpress.com/2012/09/24/layer-2-vpns-using-ssh/