search for: vpn2

...the Subnet = X/32, which indicate the VPN serve for this host. But as the tinc client to C, B’s host config shouldn’t include Subnet = X/32, because X/32 is behind C. If not direct connection available from A to C, the only way I can figure it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: A >> vpn1 >> B >> vpn2 >> C — “host X” If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side for C. Let me know if there’s any other simple way to achieve this.

...is a typical session using xl running Xen 4.2.2 on Ubuntu 64 12.04 bit server, using stock Dom0 kernel (3.2.0-43-generic) root@xen6:/etc/init.d# service xendomains start root@xen6:/etc/init.d# service xendomains stop Shutting down Xen domains: * [done] root@xen6:/etc/init.d# xl create /etc/xen/vpn2 Parsing config from /etc/xen/vpn2 Daemon running with PID 3969 root@xen6:/etc/init.d# service xendomains start root@xen6:/etc/init.d# service xendomains stop Shutting down Xen domains: vpn2(save).... * [done] root@xen6:/etc/init.d# service xendomains start Restoring Xen domains:/etc/init.d/xend...

...indicate the VPN serve for this host. > But as the tinc client to C, B’s host config shouldn’t include Subnet = > X/32, because X/32 is behind C. > > If not direct connection available from A to C, the only way I can figure > it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: > > A >> vpn1 >> B >> vpn2 >> C — “host X” > > If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the > /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side > for C. > > Let me know if there’s any other simple way to a...

Hi, I have multiple ppp interfaces that does not correspond to the same network usage. Do you know anything about trying to set definitively the ppp+ name ? or anything to adapt automagically iptables to the real network which is behind each ppp+ interface ? I''ve tooken a look into the IFNAME env var... but it doesn''t seems to work :c/ regards, -- BeTa

...dicate the VPN serve for this host. >> But as the tinc client to C, B’s host config shouldn’t include Subnet = X/32, because X/32 is behind C. >> >> If not direct connection available from A to C, the only way I can figure it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: >> >> A >> vpn1 >> B >> vpn2 >> C — “host X” >> >> If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side for C. >> >> Let me know if there’s any othe...

Hey, I thought there was supposed to be an ability for domU''s to be put into a hibernated state (E.g. current running tasks and memory) when dom0 is shutdown or rebooted. When I look in my /etc/default/xendomains file, I have the variable''s "XENDOMAINS_SAVE=/var/lib/xen/save" and "XENDOMAINS_RESTORE=true". However, when I reboot, I always have to restart my

...wall ifconfig eth0 209.159.32.162 netmask 255.255.255.0 up ifconfig eth0:1 209.159.32.163 netmask 255.255.255.0 up that sets up the network card to have 2 address well in shorewall i tried to add eth0:1 to my interfaces well it says that Determining Zones... Zones: inet inet2 loc cust vpn1 vpn2 vpn3 Validating interfaces file... Error: Invalid Interface Name: eth0:1 what am i doing wrong or what do i need to do? Marshal McInnis Tech / Web Designs 1-205-344-4455 Ext 208

...dicate the VPN serve for this host. >> But as the tinc client to C, B’s host config shouldn’t include Subnet = X/32, because X/32 is behind C. >> >> If not direct connection available from A to C, the only way I can figure it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: >> >> A >> vpn1 >> B >> vpn2 >> C — “host X” >> >> If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side for C. >> >> Let me know if there’s any othe...

.../32, which indicate the VPN serve for this host. > But as the tinc client to C, B’s host config shouldn’t include Subnet = X/32, because X/32 is behind C. > > If not direct connection available from A to C, the only way I can figure it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: > > A >> vpn1 >> B >> vpn2 >> C — “host X” > > If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side for C. > > Let me know if there’s any other simple way to achieve thi...

I have a firewall running Shorewall 1.3.13-1 from rpm on a redhat 7.3 box. The box has three nics assigned to zones loc net and dmz. We also have multiple vpn links accomplished via ssh tunnels, These links all come from dynamic IP addresses with known private subnets behind them. There are basically two types of networks these vpns connect, one with access to almost everything and one with

...32, which indicate the VPN serve for this host. > But as the tinc client to C, B’s host config shouldn’t include Subnet = X/32, because X/32 is behind C. > > If not direct connection available from A to C, the only way I can figure it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: > > A >> vpn1 >> B >> vpn2 >> C — “host X” > > If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side for C. > > Let me know if there’s any other simple way to achieve...

...PN serve for this host. >>> But as the tinc client to C, B’s host config shouldn’t include Subnet = X/32, because X/32 is behind C. >>> >>> If not direct connection available from A to C, the only way I can figure it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: >>> >>> A >> vpn1 >> B >> vpn2 >> C — “host X” >>> >>> If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side for C. >>> >>> Let me...

...rve for this host. >> But as the tinc client to C, B’s host config shouldn’t include Subnet = >> X/32, because X/32 is behind C. >> >> If not direct connection available from A to C, the only way I can figure >> it out is to setup two VPNs, /etc/tinc/vpn1 and /etc/tinc/vpn2: >> >> A >> vpn1 >> B >> vpn2 >> C — “host X” >> >> If so, the /etc/tinc/vpn1/hosts/B can have Subnet =X/32; but the >> /etc/tinc/vpn2/hosts/B can exclude Subnet =X/32 since it’s the client side >> for C. >> >> Let me know if t...

...this my vpn-gateway for the subnet behind it. # Shorewall version 3.4 - Zones File #ZONE TYPE OPTIONS IN OUT # OPTIONS OPTIONS fw firewall fil ipsec mode=tunnel mss=1400 net ipv4 loc ipv4 vpn1 ipv4 vpn2 ipv4 # Shorewall version 3.4 - Tunnels File #TYPE ZONE GATEWAY GATEWAY # ZONE openvpnserver:7777 net 0.0.0.0/0 openvpnserver:7778 net 0.0.0.0/0 ipsec net 212.168.178.226 # Shorewall version 3.4 - Hosts file #ZONE HOST(S)...

...tried to configure: /etc/shorewall/zones fw firewall net ipv4 loc ipv4 vmn ipv4 <--- subnet for virtual machines dmz ipv4 ovpn ipv4 <--- subnet for open-vpn (but iPhone don´t run with open-vpn) wlan ipv4 vpn1 ipv4 <--- old VPN over pptp - but unsure -> in future should be l2tp/ipsec vpn2 ipsec <--- new entry l2tp ipv4 <--- new entry #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE /etc/shorewall/interfaces net ppp0 detect tcpflags,dhcp,routefilter,norfc1918,nosmurfs,logmartians loc eth0 detect tcpflags,detectnets,nosmurfs dmz eth2 detect tcpflags,detectnets,nosmu...

...make the accounting because y want to control the remote vpn access(pptpd) throught shorewall. Which is the way to control vpn /ip/access in /etc/shorewall/accounting? Is my example correct? and if i have diferents vpn wil be with ppp1, ppp2 .. ? or i have to control throght shorewall zone vpn1,vpn2,... acc1-out:COUNT    account-ip    -    ppp0:192.168.1.100 acc1-in:COUNT    account-ip    ppp0:192.168.1.100    - DONE    acc1 # #acc2-in:COUNT    account-ip    eth0    195.8.169.2 #acc2-out:COUNT    account-ip    195.8.169.2    eth0 #DONE    acc2 -- Javier Martínez Technical Manager...

Hello again, >From the point of view of a Red Hat *user*, the standardised way of doing things would be to have an /etc/sysconfig/tinc file containing something like: NETWORKS="vpn1 vpn2 vpn3" (one or more names separated by spaces) At initialization, each name should launch a separate tinc instance (a different VPN) tinc service should not start until the user adds at least one VPN name (say "vpn1") in the /etc/sysconfig/tinc and the corresponding /etc/tinc/vpn...

.... Hello, IMHO, it's *unavoidable* that the systemd initialization reads some sort of configuration file and learns from it how many tincd processes it should launch and which VPN name for each. If the configuration file tinc.conf remains VPN-dependent ( *different* tinc.conf files for VPN1, VPN2, etc., located under /etc/tinc/VPN1, /etc/tinc/VPN2, etc.) the above-mentioned configuration file cannot be tinc.conf So I thought one may use /etc/sysconfig/tinc instead. Of course, this has the disadvantage of being Red Hat-specific; it would be *great* to have, for that role, a configuration fi...

...ec net 213.168.103.106 ipsec net 217.73.1.17 Question: But how do I declare the 2 subnets for the 2 vpn zones? Here my wild guess at the hosts file: #ZONE HOST(S) OPTIONS # VPN1 Gateway is 213.168.103.106 fre eth1:213.168.103.106 # VPN1 Subnet is 157.125.132.0/23 #fre ipsec0:157.125.132.0/23 # VPN2 Gateway is 217.73.1.17 swe eth1:217.73.1.17 # VPN2 Subnet is 157.125.0.0/18 #swe ipsec0:157.125.0.0/18 Do I need entries for eth1 or ipsec0 (the commented ones)? Or something in between? Or should I merge the subnets into zone loc? Frerk > > Frerk Meyer > System Developer > --------...

Hello all, I am a newbie to Linux firewalls, and am trying to setup shorewall to allow connections from an Oracle client to an Oracle Server. The client tries to connect to the server via port 1521 (it works fine) and once the first connection has been successful, the server sends a redirect to the client to a random high port. So, when the client tries to connect again to the sevrer on that port