Displaying 20 results from an estimated 2000 matches similar to: "ssh-vpn linux<->openbsd"
2004 Dec 14
1
openvpn/shorewall tunnel problem
Dear list,
I am having a problem with openvpn. I have the following arrangement,
running two instances of openvpn on "home fw". I want to protect my
WLAN in back of the home fw and that works fine. I can see "Peer
connection initiated with 192.168.1.3:5000" in daemon.log on homefw.
Nothing gets initiated with officefw, nor can I ping the other end of
the tunnel at officefw.
2005 Mar 01
3
Problem with multiple ISP's
I have a setup with two Internet providers. One circuit (net0 == eth1) is
used primarily for employees and tunnels to other sites. The other (net1 ==
eth2) is for the production machines that customers access. Everything works
in the sense that packets get to where they are sent (mostly) but recently
I had a sniffer on the system and noticed a problem I cannot solve. traffic
coming in
2004 Oct 04
2
Network browsing with through OpenVPN
Hi all,
I have successfully joined together three LANs using OpenVPN over Linux
(Debian) gateways at the 'exit' of each one of these LANs.
The VPN seems to be OK, as I can ping network hosts from one LAN to
another using their private IP addresses with no problem at all.
However network browsing through the VPN is not working.
The network diagram for my setup is at
2004 Oct 13
1
Traffic shaping and tun devices
Hi folks,
I have three network cards on my Slackware box and eth0 and eth1 are for two Internet connections.
They have imq0 and imq1. All traffic shaping works fine.
Internal eth2 does no traffic shaping.
But recently I have put two OpenVPN tunnels (tun devices) and both work via eth0.
So my question is - how to shape the traffic on these tun0 and tun1 devices?
Thanks
Remus
2015 Oct 31
5
Openvpn and samba: play nice together?
Friends--
I'm stumped! Cannot get mount.cifs to work over a tun connection. How
would you trouble-shoot this?
1. It cannot be openvpn causing the problem: I can ping across the
connection both directions on all machines.
2. It cannot be samba causing the problem: I can mount.cifs the smb
shares on the lan (using the identical credentials file) without any issue.
3. Have iptables
2007 Sep 23
2
Unnumbered GRE tunnel
Hi!
Can I create the unnumbered GRE tunnel with iproute2 utility?
Can someone provide me a link/howto/example_config how to do it?
The topology is one tunnel between two linux boxes:
-- eth1-|__|-eth0 <-------------> eth0-|__|-eth1 --
I'm trying now with:
ip tu add tun1 mode gre local loc.IP remote rem.IP ttl 255 dev eth0
ip addr add tun1 0.0.0.0
ip link set tun1 up
but it
2004 Nov 17
20
Some DNAT's work, some don't
We've just upgraded to a new firewall machine, and a new version of
Shorewall. We're now on 2.04; previous version was 1.3.9b (!). So I'm
pretty sure whatever problems we're having are related to the big
version jump.
We're using config files that exactly match our old (working)
configuration (IOW, these are things which _were_ working on the old
2019 Jun 11
2
Problems with inconsistent ACL inheritance and permissions after Samba upgrade
On 11/06/19 11:49, Rowland penny via samba wrote:
> On 11/06/2019 11:38, Sebastian Arcus via samba wrote:
>>
>> On 11/06/19 11:07, Rowland penny via samba wrote:
>>> On 11/06/2019 10:34, Sebastian Arcus via samba wrote:
>>>> I've just upgraded a Samba AD server to 4.10.2 a few weeks ago from
>>>> 4.x (I'm afraid I'm not sure the exact
2008 Oct 07
0
"route flush" does not delete routes created with -interface option
Is there a way to get rid of all the routes in a routing table ?
This is more or less what I do:
route add 146.64.80.0/24 192.168.0.100
route add 146.141.0.0 -interface tun1
route add 146.182.0.0 -interface tun1
route add 146.230.0.0 -interface tun1
netstat -rn inet
146.64.80.0/24 192.168.0.100 UGS 0 0 sis0
146.141.0.0/16 tun1 US 0
2014 Dec 14
2
Fwd: Re: VPN Example 2
On Fri, Dec 12, 2014 at 02:21:08AM -0500, md at rpzdesign.com wrote:
> Oops, I got it to work only after putting the WAN on port 656 so it
> did not interfere with port 655 for the LAN.
You should not need to have two tinc daemons just because you have a WAN
and a LAN interface. By default (ie, if you don't specify BindToAddress
and/or BindToInterface), tinc listens on all interfaces,
2007 Jun 13
1
Will this work, or have I been around too much magic smoke???
Will this (in theory) work, or have I been around too much magic smoke
that has escaped from fried equipment???
I have a system with two different internet connections. One connection
is a WISP via an external bridging radio (ethernet to proprietary
wireless back haul). The other connection is PPPoE ADSL via the local
phone company.
(I think) I am wanting to use equal cost multi path
2003 May 21
1
netstat/ipcs inside jail
Hi, I've got this problem with my jail and I'm absolutely lost as in the why
of it.
I previously posted this on comp.unix.bsd.freebsd.misc but I was advised to
send here
I was unable to find help on google :(
To resume quick, when I'm in a jail, netstat doesn't work properly.
Hopefully I have provided sufficient information for anyone willing to help
me :p
First of all, my system :
2004 Nov 16
1
Tinc on MacOs X
My intention is to set up tinc so that I can connect from home to an
office network. All CPUs are running MacOs X, 10.2.8 or 10.3.5.
I have read the tinc manual, tincd.8 and tinc.conf.5. However, I am
still unclear about a few issues.
First and foremost, how do I setup the VPN interfaces on the hosts,
on MacOs X? Which file do I have to alter and what is the exact
syntax on Os X to setup
2009 Sep 21
2
[patch] RFC: put server tunnel name in environment
If an ssh server receives a tun/tap tunnel request and sets up the tunnel
concerned, as far as I can see there is currently no way for the server
to configure the tunnel in a manner dependent upon (e.g) the key used to
set up the ssh session. Whilst an id based on the key can be passed to
the ssh child process, where the tunnel is dynamically allocated, its
tunnel name is lost.
This patch
2019 Jun 11
2
Problems with inconsistent ACL inheritance and permissions after Samba upgrade
On 11/06/19 13:29, Rowland penny via samba wrote:
> On 11/06/2019 13:13, Sebastian Arcus via samba wrote:
>>
>> On 11/06/19 11:49, Rowland penny via samba wrote:
>>> On 11/06/2019 11:38, Sebastian Arcus via samba wrote:
>>>>
>>>> On 11/06/19 11:07, Rowland penny via samba wrote:
>>>>> On 11/06/2019 10:34, Sebastian Arcus via samba
2014 Aug 26
2
Tinc on NixOS
Hi,
Does anyone here have experience running Tinc on NixOS?
I'm trying to run Tinc on a NixOS machine, using the similar configuration
I had for Ubuntu. My home subnet is 192.168.1.0/24 and my work is
10.16.0.0/24. However, unlike ubuntu, when I start tincd on nixos, and try
to 'ifconfig $INTERFACE 192.168.1.10 netmask 255.255.255.0' in my tinc-up,
I lose network access on the box
2010 Apr 15
4
Limit number of connections per user?
I'm working from modified 5.0p1 codebase.
What I'm looking for is a mechanism to limit the number of simultaneous
connections on a per-user/IP basis.
That is, disallow multiple simultaneous logins/authentication of the
same user from different IP addresses.
e.g.:
fred from 10.1.1.1 - accept
fred from 10.1.1.2 -- reject while fred is still connected from 10.1.1.1
fred from 10.1.1.1 - OK
2016 Jun 20
2
[Bug 2592] New: -R bind_address not working, always bind 0.0.0.0
https://bugzilla.mindrot.org/show_bug.cgi?id=2592
Bug ID: 2592
Summary: -R bind_address not working, always bind 0.0.0.0
Product: Portable OpenSSH
Version: 7.2p1
Hardware: amd64
OS: Linux
Status: NEW
Severity: normal
Priority: P5
Component: sshd
Assignee: unassigned-bugs at
2007 Jul 06
8
interop with strongswan / ipsec
I see support in shorewall for the KAME-tools, how about strongswan ?
I have setup shorewall 3.4.4 and strongswan 4.1.3, making this my
vpn-gateway for the subnet behind it.
# Shorewall version 3.4 - Zones File
#ZONE TYPE OPTIONS IN OUT
# OPTIONS OPTIONS
fw firewall
fil ipsec mode=tunnel mss=1400
net ipv4
2005 Jan 06
6
Nested zones? (Or something?)
[192.168.0.0/24 Lan]
v
[Shorewall box 'Curtain', 192.168.0.254, DHCP to ISP, and a OpenVPN tunnel
10.4.0.2]
v
[Internet]
v
[Shorewall box 'statler' 130.241.25.165, and an OpenVPN tunnel 10.4.0.1]
Now, I have set a rule on statler
ACCEPT vpn $FW tcp smtp
and I have as below.
root@statler:/etc/shorewall# cat zones | grep -v ^#
net Net Internet