Hi... I have two Linux servers in two locations. One is fedora2 and the other
redhat9; I have to configure a VPN between them, but without encryption, just with 2
tunnels. I made the tunnels with mod_gre on both servers, and I tried to set up
routing between the 2 tunnels. I also have a configuration file, but I think it is not
enough; I need to change something else in the firewall so that the computers at
the 2 locations can see each other. What exactly do I still need to do?
# ip tu
gre0: gre/ip remote any local any ttl inherit nopmtudisc
routera: gre/ip remote 193.226.162.242 local 193.226.85.121 ttl 254 key 0.0.4.87
# ip tu
sit0: ipv6/ip remote any local any ttl 64 nopmtudisc
gre0: gre/ip remote any local any ttl inherit nopmtudisc
routerb: gre/ip remote 193.226.85.121 local 193.226.162.242 ttl 255 key 0.0.43.103
- on this one I don't know what I did that made a tunnel with mode sit appear as well... :(
The config looks something like this:
#!/bin/bash
/sbin/ip tunnel add routera mode gre key 1111 remote 193.2.3.4 local 193.5.6.7 ttl 254
/sbin/ip link set routera up
/sbin/ip addr add 192.168.2.1 dev routera
/sbin/ip route add 192.168.1.0/24 dev routera
and respectively:
#!/bin/bash
/sbin/modprobe ip_gre
/sbin/ip tunnel add routerb mode gre remote 193.5.6.7 local 193.2.3.4 ttl 255 key 11111
/sbin/ip link set routerb up
/sbin/ip addr add 192.168.1.1 dev routerb
/sbin/ip route add 192.168.2.0/24 dev routerb
I can ping only the external IPs and 192.168.2.1 and 192.168.1.1 - from one
local network to the other local network I get no ping.
# iptables -L looks something like this:
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain FORWARD (policy DROP)
target prot opt source destination
ACCEPT all -- anywhere anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
- what is missing from my configuration?
Thanks,
Adriana
---
Details about our mailing lists: http://www.lug.ro/
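An added example, not part of the original message: a consistency check over the two `ip tunnel` lines quoted above, confirming that the endpoints mirror each other and that both sides carry the same GRE key. The function names are hypothetical; the two sample lines are copied from the outputs in the message.

```shell
#!/bin/sh
# Added example (not the poster's script). Sample lines copied from the
# `ip tu` outputs quoted in the message.
SIDE_A='routera: gre/ip remote 193.226.162.242 local 193.226.85.121 ttl 254 key 0.0.4.87'
SIDE_B='routerb: gre/ip remote 193.226.85.121 local 193.226.162.242 ttl 255 key 0.0.43.103'

# Print the word following keyword $2 in tunnel line $1 (empty if absent).
tunnel_field() {
    printf '%s\n' "$1" | awk -v k="$2" \
        '{ for (i = 1; i < NF; i++) if ($i == k) { print $(i + 1); exit } }'
}

# `ip tunnel` shows a GRE key as a dotted quad; convert it back to the
# integer that was passed to `ip tunnel add ... key N`.
key_to_int() {
    printf '%s\n' "$1" | awk -F. '
        NF == 4 { n = (($1 * 256 + $2) * 256 + $3) * 256 + $4
                  printf "%.0f\n", n; next }
        { print $1 }'   # already an integer, or no key at all
}

# Compare the two ends of one tunnel. Prints "ok" or a list of problems.
check_pair() {
    problems=""
    if [ "$(tunnel_field "$1" remote)" != "$(tunnel_field "$2" local)" ] ||
       [ "$(tunnel_field "$1" local)" != "$(tunnel_field "$2" remote)" ]; then
        problems="endpoint-mismatch"
    fi
    # With `key K` the same value is used for sending and receiving, so a
    # packet tagged with a different key does not match the peer's tunnel.
    ka=$(key_to_int "$(tunnel_field "$1" key)")
    kb=$(key_to_int "$(tunnel_field "$2" key)")
    if [ "$ka" != "$kb" ]; then
        problems="${problems:+$problems }key-mismatch($ka!=$kb)"
    fi
    echo "${problems:-ok}"
}

check_pair "$SIDE_A" "$SIDE_B"
```

To use it on live systems, replace `SIDE_A` and `SIDE_B` with the matching line of `ip tunnel show` from each server.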