I'm trying to make a tunnel between 2 LANs, 192.168.1 and 192.168.2.
Eventually over the internet, right now between 2 computers. Both
2.4.19.
   Everything is hooked up to a gigE switch right now. I've set the
tunnel's IPs to LAN addresses for testing.
   When the iproute2 commands are done, ip route get to the LAN on the
other side of the tunnel shows the tunnel.
   I can ping the IP address of the tunnel.
   When I try to ping or traceroute to the other LAN, I get sendto:
Operation not permitted.
   What am I misunderstanding? I know this is probably stupid to
everyone but me, but I'd appreciate assistance.

   These are the commands I'm using, which aren't working.

192.168.1:
        This is the local LAN that already exists
/sbin/ip link set dev eth0 up mtu 1500
/sbin/ip address add 192.168.1.12/24 broadcast 192.168.1.255 dev eth0
        This is an SDSL
/sbin/ip link set dev eth1 up
/sbin/ip address add 66.134.162.140/29 broadcast 66.134.162.143 dev eth1
        This is an ADSL
/sbin/ip link set dev eth2 up
/sbin/ip address add 63.193.79.19/29 broadcast 63.193.79.23 dev eth2

/sbin/ip link set dev lo up
/sbin/ip address add 127.0.0.1/8 broadcast + dev lo
        The ADSL is too busy to use for NAT
/sbin/ip route add default via 63.193.79.17 dev eth2
        The tunnel
/sbin/ip tunnel add withsales mode gre remote 192.168.2.2 local 192.168.1.12 ttl 255 dev eth0
/sbin/ip link set withsales up
/sbin/ip address add 192.168.2.1/24 broadcast + dev withsales
        While testing, I've had the firewall off, just NAT
/sbin/iptables -P INPUT ACCEPT
/sbin/iptables -F INPUT
/sbin/iptables -P OUTPUT ACCEPT
/sbin/iptables -F OUTPUT
/sbin/iptables -P FORWARD DROP
/sbin/iptables -F FORWARD
/sbin/iptables -F -t nat
/sbin/iptables -L -n
/sbin/iptables -X
/sbin/iptables -Z
/sbin/iptables -A FORWARD -i eth2 -o eth0 -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o eth2 -j ACCEPT
/sbin/iptables -A FORWARD -j DROP
/sbin/iptables -t nat -A POSTROUTING -o eth2 -j SNAT --to 63.193.79.19

192.168.2:
        This is the new LAN
/sbin/ip link set dev eth0 up mtu 1500
/sbin/ip address add 192.168.2.2/24 broadcast 192.168.2.255 dev eth0
        This will be an ADSL, currently hooked up to gigE switch
/sbin/ip link set dev eth1 up
/sbin/ip address add 67.113.82.198/29 broadcast 67.113.82.202 dev eth1

/sbin/ip link set dev lo up
/sbin/ip address add 127.0.0.1/8 broadcast + dev lo

/sbin/ip route add default via 67.113.82.198 dev eth1

/sbin/ip tunnel add withsales mode gre remote 192.168.1.12 local 192.168.2.2 ttl 255 dev eth0
/sbin/ip link set withsales up
/sbin/ip address add 192.168.1.10/24 broadcast + dev withsales
