Re: VPN Tunnel

• Previous message: Leon Messner: "FreeBSD 4.11 IPv6-over-IPv4 tunnel problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Date: Mon, 4 Jul 2005 14:16:28 +0200
To: tradigan@newrevolutions.net

tradigan@newrevolutions.net wrote:

> I'm having some problems getting a VPN tunnel working between two sites.
> Currently I am just trying to establish a tunnel and worry about the
> encryption after the tunnel is up and functional, however I cannot even get
> the tunnel established. I have followed the directions from the FreeBSD
> handbook but had no luck. Here is my scenario:
>
> Network 1:
>
> FreeBSD Internal IP: 192.168.20.13
> FreeBSD External IP: 12.34.56.78
>
> Network 2:
>
> FreeBSD Internal IP: 192.168.15.2
> FreeBSD External IP: 87.65.43.21
>
> On the Network 1 Box, I configured the gif0 interface as follows:
>
> root@freebsd# ifconfig gif0 create
> root@freebsd# ifconfig gif0 tunnel 12.34.56.78 87.65.43.21
> root@freebsd# ifconfig gif0 inet 192.168.20.13 192.168.15.2 netmask
> 255.255.255.255
>
> For IPFilter, I have the following rules at the TOP of the script:
> pass in quick from 87.65.43.21 to any on xl0
> pass in quick on gif0 all
> pass out quick on gif0 all
>
> On the Network 2 Box, I configured the gif0 interface as follows:
>
> root@host# ifconfig gif0 create
> root@host# ifconfig gif0 tunnel 87.65.43.21 12.34.56.78
> root@host# ifconfig gif0 inet 192.168.15.2 192.168.20.13 netmask
> 255.255.255.255
>
> For IPFilter, I have the following rules at the TOP of the script:
> pass in quick from 12.34.56.78 to any on xl0
> pass in quick on gif0 all
> pass out quick on gif0 all
>
> After I have created both gif0 interfaces on each of the boxes, the FreeBSD
> handbook says I should be able to ping the private IP of the other BSD
> machine. When I ping from Network 1, I don't get any type of response and
> just 100% failed sent packets. When I ping from Network 2, I get a 'No route
> to host' message as well as 100% failed sent packets.
>
> I have been at this for 2 days now and I'm really starting to get frustrated.
> Am I missing something here? Any help would be appreciated.

Looks like the routing table in network 2 doesn't work.
netstat -rn should give you a clue what's wrong.

Fabian

-- 
http://www.fabiankeil.de/

• application/pgp-signature attachment: stored

• Previous message: Leon Messner: "FreeBSD 4.11 IPv6-over-IPv4 tunnel problem"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages VPN Tunnel ... I'm having some problems getting a VPN tunnel working between two sites. ... I have followed the directions from the FreeBSD ... I configured the gif0 interface as follows: ... root@freebsd# ifconfig gif0 tunnel 12.34.56.78 87.65.43.21 ... (freebsd-questions) Impossible to IPfilter this? ... I'm trying to increase security on my FreeBSD 4.8 firewall/DSL router/VPN ... RedHat 7.1 box running FreeS/WAN. ... This tunnel allows traffic from my ... (FreeBSD-Security) ISAKMPD between FreeBSD 6.1 and OpenBSD 3.9 ... Does anyone have experience configuring ISAKMPD on FreeBSD? ... problems convincing the FreeBSD box to route traffic through the tunnel. ... A.B.C.D OpenBSD box external IP ... payload: TRANSFORM len: 36 ... (freebsd-questions) Re: VPN Tunneling ... >>I'm trying to make a VPN tunnel between a FreeBSD machine and a Win2K ... > FreeBSD box is acting as a gateway/natd for the net1 internal network. ... (FreeBSD-Security) ipsec ipcomp between FreeS/WAN 2.04 and FreeBSD 5.2 ... Without IPComp tunnel are successfully established. ... This is my setkey init (FreeBSD box side): ... However with this kind of init file FreeS/WAN is dropping packet coming from the FreeBSD box. ... (freebsd-net)