tir, 2002-06-18 kl. 15:39 skrev George Garvey: > I'm trying to make a tunnel between 2 LANs, 192.168.1 and 192.168.2. > Eventually over the internet, right now between 2 computers. Both > 2.4.19.
> Everything is hooked up to a gigE switch right now. I've set the > tunnel's IPs to LAN addresses for testing. [Off list, because off topic] To my mind everything's horribly complicated here. Begin with an easy one. The point about this approach is, that you begin with something simple that you know works and you can take one step at a time. Connect 2 Linux routers/GRE gateways (2 NICs each, eth0 and eth1) with a crossover cable on NIC eth0. Make a lan each side of each route, left and right (enough with one single machine and one crossover cable for each LAN). So that's 4 machines and 3 crossover cables. Left hand LAN is 192.168.1., right hand LAN is 192.168.2. Each eth0 (the NICs connecting the routers) on each router can/must have a completely different IP number from the 2 LAN IP numbers. It doesn't matter what, as long as the eth0s are on the same physical network. There's no natting in any of this! You're dealing with *pure routers*. Even when you get to the internet stage, it's still pure routing with no natting, in principle. Nothing's got anything to do with IP tables! Make your tunnel, set it up and ping the right hand machine on 192.168.2. from the left hand machine on 192.168.1. When that works, optional step (since you'll have to have it on the Internet later): stick another Linux router in the middle and do the same. Obviously all the IP numbers on the routers should be changed to suit. So that's one extra machine, 2 extra NICs and 2 extra crossover cables. When that works, substitute your switch for the router in the middle, if you really want it. I've done this with FreeS/WAN x509 VPN tunnels - though never with GRE - so I know it works :-) Best, Tony -- Tony Earnshaw e-post: [EMAIL PROTECTED] www: http://www.billy.demon.nl gpg public key: http://www.billy.demon.nl/tonni.armor Telefoon: (+31) (0)172 530428 Mobiel: (+31) (0)6 51153356 GPG Fingerprint = 3924 6BF8 A755 DE1A 4AD6 FA2B F7D7 6051 3BE7 B981 3BE7B981
signature.asc
Description: Dette er en digitalt signert meldingsdel
