question on tunnels (VPN)

• Previous message: Valentin Nechayev: "Re: freeaddrinfo(NULL)"
• Next in thread: Julian Elischer: "Re: question on tunnels (VPN)"
• Reply: Julian Elischer: "Re: question on tunnels (VPN)"
• Reply: Edwin Groothuis: "Re: question on tunnels (VPN)"
• Reply: Paul Schenkeveld: "Re: question on tunnels (VPN)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: net@freebsd.org
Date: Wed, 22 Sep 2004 16:17:59 +0000

Dear users,

I have been experimenting with simple gif tunnels (no IPSec) in local network
(192.168.0.0/24). I have used the following scenario between two hosts (both
running FreeBSD-5.2.1):

HOST_A [192.168.0.1]:
ifconfig gif0 create
ifconfig gif0 tunnel 192.168.0.1 192.168.0.2
ifconfig gif0 10.0.0.1 10.0.0.2 netmask 255.255.255.255

and on -

HOST_B [192.168.0.2]:
ifconfig gif0 create
ifconfig gif0 tunnel 192.168.0.2 192.168.0.1
ifconfig gif0 10.0.0.2 10.0.0.1 netmask 255.255.255.255

The above works well for me, and I can send traffic on 10.0.0.1 and 10.0.0.2.

The next thing I wanted to implement is to create similar tunnel from our
local router (which is FreeBSD too) to remote server, however there is small
problem which stops me - router has no public IP, and it sees internet
through DSL router, so basically that router is NAT'ed behind DSL router.
As far as I understand, it appears to be that I won't be able to create such a
simple tunnel, unless my router gets public IP address.

What I tried next was MPD pptp link (which is known to work behind NAT, unlike
above example), but something (ISP? DSL router?) cuts GRE packets on their
way, so MPD can't establish LCP connection with remote host.

I'm now in loss as to what to try next - could someone please advise what
other techniques will work in my scenario (where I want to connect machine
which is behind NAT and no GRE packets will go through)?

regards,
M.
_______________________________________________
freebsd-net@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-net
To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org"

• Previous message: Valentin Nechayev: "Re: freeaddrinfo(NULL)"
• Next in thread: Julian Elischer: "Re: question on tunnels (VPN)"
• Reply: Julian Elischer: "Re: question on tunnels (VPN)"
• Reply: Edwin Groothuis: "Re: question on tunnels (VPN)"
• Reply: Paul Schenkeveld: "Re: question on tunnels (VPN)"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: question on tunnels (VPN) ... > I have been experimenting with simple gif tunnels in local network ... > ifconfig gif0 create ... > local router to remote server, ... > simple tunnel, unless my router gets public IP address. ... (freebsd-net) Re: question on tunnels (VPN) ... I have used the following scenario between two hosts (both ... >local router to remote server, ... >simple tunnel, unless my router gets public IP address. ... >which is behind NAT and no GRE packets will go through)? ... (freebsd-net) Re: question on tunnels (VPN) ... > ifconfig gif0 create ... > local router to remote server, ... > simple tunnel, unless my router gets public IP address. ... (freebsd-net) Re: Cisco ASA IPSEC Tunnelling ... I suggest creating a GRE tunnel between the MPLS connecting routers. ... Configure the GRE tunnel to go from a loopback IP address on one router ... DS-1/T-1 or similar connection. ... (comp.dcom.sys.cisco) Re: I-Net und VPN über LANCOM-Router ... Der ISA hat mit dem VPN Tunnel eigentlich gar nichts zu tun, ... auf der 2.Netzwerkkarte ist der Router angeschlossen. ... (microsoft.public.de.german.isaserver)