GRE Tunnels are RUINING MY LIFE!
Ok, maybe it isn''t that bad.
I am a Linux sophmore (for lack of a better term). I have some experience, I
have set up a Masq. Firewall at the company''s office as well as one at
home.
Now... The fun part. LInking the two so I can have access to office network
assets from home.
Home:
External: 65.28.x.y
Internal: 192.168.55.1
GRE Tunnel: "ofc"
Office:
External 216.170.a.b
Internal 192.168.5.1
GRE Tunnel: "phome"
I have followed the information given in the GRE section, but to no avail. I
can''t ping anything through the tunnel created, though it says the link
is up. The Tunnel runs from the Office External to Home External (and back)...
I used
#ip route add 192.168.5.0/24 dev ofc
and
#ip route add 192.168.55.0/24 dev phome
on home and office Firewall/Routers.. I am stuck-ed!
On the Home Firewall/Router:
#ping -I ofc 192.168.5.1
or
#ping 192.168.5.1
Result in %100 packet loss...
On the Office Firewall/router:
#ping -I phome 192.168.55.1
or
#ping 192.168.55.1
Result in %100 loss...
Any thoughts?
Patrick Dench
Application Specialist
www.acdisplays.com
On Saturday 16 March 2002 02:26, Patrick Dench wrote:> GRE Tunnels are RUINING MY LIFE! > > Ok, maybe it isn''t that bad.:)> I am a Linux sophmore (for lack of a better term). I have some experience, > I have set up a Masq. Firewall at the company''s office as well as one at > home. Now... The fun part. LInking the two so I can have access to office > network assets from home.Maybe you can post the commands you executed so we can now what you did (wrong). This works for me : /sbin/insmod ip_gre /sbin/ip tunnel add alas mode gre remote 213.119.127.168 local 213.119.31.144 ttl 255 /sbin/ip link set alas up /sbin/ip addr add 192.168.1.254 dev alas 192.168.1.254 is also the private ip of my firewall on my LAN /sbin/ip route add 192.168.10.0/24 dev alas This is the remote network Stef -- stef.coene@docum.org "Using Linux as bandwidth manager" http://www.docum.org/ #lartc @ irc.openprojects.net
Looks like my GRE problems were due to ipchains. I went to IP Tables, and it looks like it is working. Next issue: name resolution.. Right now the only way I know my home PC is connected is because I turned it on this morning. Is there anyway to resolve PC names through the VPN? Specifically to make it possible to browse another subnet via the Windoze ''network neighborhood''? -Pat Dench