similar to: GRE Tunnel problems

Displaying 20 results from an estimated 2000 matches similar to: "GRE Tunnel problems"

2008 Mar 31
2
IFB & ESFQ
Hello Tom, Sorry, please but i again return to IFB question. If i correct understand in current situation IFB haven't profit from ESFQ in common cases (i mean internal networks masquarading) so as we wait from ESFQ allocates bandwidth fairly per source IP(internal) but IFB don't know internal IPs. If i correct, what do you think what can help IFB to solve its main disadvantage
2008 May 11
13
Message flooding of syslog
Greetings; My syslog is getting 100s of thousands of messages like the following (these are just a sample); (BTW I am running Debian/lenny) > May 11 12:41:31 gatekeeper kernel: BANDWIDTH_IN:IN=eth1 OUT=eth0 SRC=192.168.0.4 DST=64.15.118.171 LEN=40 TOS=0x00 PREC=0x00 TTL=127 ID=37901 DF PROTO=TCP SPT=1307 DPT=80 WINDOW=17640 RES=0x00 ACK URGP=0 > May 11 12:41:31 gatekeeper kernel:
2008 Apr 26
2
Cannot use SSH from dmz to lan
Hello, The shorewall version is shorewall-3.0.7-1 installed in Centos 5.1 (kernal 2.6.18-53.el5) on March. Number one problem is: I edited the policy file was dmz loc ACCEPT info I could use 3389 remote desktop to loc Windows 2003 server but couldn''t use SSH (22 port) to loc Linux server. Also I tried open that two ports in
2008 Apr 09
2
Captive Portal with Shorewall
. "Saluton", Sorry by my poor english, I speak Portuguese. I does a captive portal using: - shorewall - dhcpd - thttpd (in port 8080) - maradns With Shorewall I use dinamic zones. The initial zone in shorewall is configured to redirects access to internal thttpd port 8080, that shows a login.cgi page. With thttpd I rewrite original url. The apache rewrite is very cool, but thttpd
2008 Apr 21
1
Traffic Shaping
I have tried to follow the HOWTO''s as best I could to add some traffic shaping to my existing shorewall firewall/router. What I am trying to achieve Top priority to all voip traffic, regardless of sip, iax2 etc. Higher priority for interactive traffic - ssh, http General queue for everything else, but A low priority queue for any ipp2p traffic What I have achieved..... Almost
2008 Apr 14
1
Per VLAN Bandwidth allocation by Shorewall
Hi, 1. We have 20+ VLANs behind shorewall firewall. We would like to distribute the Internet bandwidth to different VLANs having minimumm, typical and maximum values based on IP ranges after NAT e.g., 172.17.4.0/24. What rules need to be created to do so? 2. We also would like to time the access of internet of some of the VLANs, i.e., 172.17.4.0/24 should be allowed to access the internet only
2007 Dec 14
2
Dual ISP
Attempting to setup a dual ISP on a gentoo box but I''m not sure how to configure the routing in the /etc/conf.d/net configuration file. Does shorewall do all the routing or do I set just the default route to the PRIMARY outbound ISP? Vernon ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net
2008 Jan 10
5
Want to log all ISP traffic to ULOG
I want to use fprobe-ulog (http://fprobe.sourceforge.net/) to generate NetFlow information about traffic going through my router. The question is how to get the logging rules added to the appropriate chains (I''m assuming eth2_in and eth2_out in my case)? I''m using the perl version of shorewall 4.0.6. -- Orion Poplawski Technical Manager 303-415-9701
2007 Sep 23
2
Unnumbered GRE tunnel
Hi! Can I create the unnumbered GRE tunnel with iproute2 utility? Can someone provide me a link/howto/example_config how to do it? The topology is one tunnel between two linux boxes: -- eth1-|__|-eth0 <-------------> eth0-|__|-eth1 -- I''m trying now with: ip tu add tun1 mode gre local loc.IP remote rem.IP ttl 255 dev eth0 ip addr add tun1 0.0.0.0 ip link set tun1 up but it
2007 May 19
2
ipip/gre tunnel behind NAT environments.
Hi, Does anyone tried to get ipip or gre tunnel behind NAT environments. ? i''m trying to make both side tunneling with ipip or gre with private address just like belows.. A -------------------FIRWWAL -------------------INET ------------------- B PRIVATE PUBLIC PUBLIC (10.100.0.1) (211.xxx.xxx.xxx) (
2003 Oct 13
0
PATCH : [Re: [Fwd: broadcast over gre tunnel?]]
Hi Guys, Here is our patch to allow broadcast packets over a GRE tunnel. Hopefully it might be accepted into the source someday. You need to enabled bridging and GRE tunnels in your kernel. No other options are required. The gre patch determines what type of protocol type to put in the GRE header based on the whether the packet is forwarded from a bridge or not. To use the patch: # Create
2018 Apr 24
1
Libreswan IPSec Protected GRE Tunnel & firewall-cmd
I am attempting to setup an IPSec protected GRE tunnel with a Cisco router. I believe the IPSec association is up, however I cannot move traffic over the tunnel. It is not clear how to integrate the tunnel interface (gre1) with firewall-cmd; adding the interface to trusted does not appear to 'stick'. [root at aqueduct ~]# firewall-cmd --add-interface=gre1 --zone=trusted The interface
2007 Dec 14
1
route_rules redirection not working
hi, I am running shorewall 3.2.9 on Mandriva2007 with 2 ISPs. Certain local IPs are directed to a specific ISP in route_rules, and this was working perfectly. I had to reinstall Mandriva, and after that this redirection is not working. My files are: masq: eth1 192.168.10.3 202.71.146.210 eth2 202.71.146.210 192.168.10.3 eth1 eth0 202.71.146.210 eth2 eth0 192.168.10.3 interfaces:
2008 Mar 28
1
Re: rfc1918
>> Only one remark. Information about 'init' file i found only in >> releasenotes.txt for 4.1.6 (for setting up 'ifb' module) and i found >> 'initdone' file in Shorewall config directory and without manfile also. >> For me not very clearly as it use. > > http://www.shorewall.net/shorewall_extension_scripts.htm On this page i found a
2005 Dec 07
1
multicast over GRE tunnel
I need to send multicast traffic through a GRE tunnel between two Linux routers. The tunnel works for normal IP packets, but I can''t see how to make it work for multicast. Here''s the setup: 10.10.10.0/24 LAN-B--------------RtrB-------------RtrC--------------LAN-C 192.168.2.0/24 192.168.1.0/24 RtrB interfaces: eth0
2007 Dec 06
0
GRE tunnel stops traffic when idle
Hello, I''ve set up a GRE tunnel between two Linux boxes and it''s working well, with or without IPSEC (under GRE). The problem is that when I have no traffic for some minutes, side A cannot communicate to side B any more, unless side B tries to communidate to side A. The same thing happens in the other direction. For example, side A pings side B. No reply. Keep pinging. Side B
2001 Mar 15
1
transport multicast traffic through a gre tunnel.
Hi All, As it is written in the "Linux 2.4 Advanced Routing HOWTO" GRE tunneling has some benefits compare to IP-in-IP, on of it benefits is the ability to transport multicast traffic through a GRE tunnel. I used the mrouted daemon and I know that the daemon supports tunneling but I don''t want to use its tunneling method. Assuming I have gre0 as my tunneling device I did the
2008 Mar 30
7
FTP DNAT not working - "Server sent passive reply with unroutable address"
Hi all! I am a long time lurker, but have not posted until now. My old trusted firewall machine broke a couple of weeks ago and I replaced it with a XEN domU that is using DNAT and has two interfaces. The firewall domU and the FTP server domU are both guests on the same dom0. All three machines are running Debian/etch (stable) and Shorewall has version 3.2.6. I can''t get FTP to work
2003 May 07
0
teql and gre tunnel
Hi everybody, I want to do the following setup : | | Tun1 - Link 1 | Tun1 | | Router A | teql | INTERNET Link - | | teql |router B | | Tun2 - Link 2 | Tun2 | | This should permit to agregate Link 1 and Link 2 (less the cost of the encapsulation). The two tunnels are GRE ip tunnel. It seems to work fine
2005 Jul 08
1
gre tunnel between networks with same subnet
/-----------------------\ | | |eth0 |eth0 |-------| |-------| | |eth1 eth1 | | -------- A |____ _______| B |----- | | \ / | | --------| | | --------| | | | |