as far as it goes. However
the problem he's facing is rather more intractable than it first
appears.
In general, you're going to need a mechanism for dynamically routing
packets in order to make this sort of setup work. For most setups,
you'ld need the co-operation of your ISP to make things work
, and the other doesn't, depending on what network the default router
happens to be on.
In general, you're going to need a mechanism for dynamically routing
packets in order to make this sort of setup work. For most setups,
you'ld need the co-operation of your ISP to make things work as well
networks, same interface card. The issue is that one of the networks
works, and the other doesn't, depending on what network the default router
happens to be on.
In general, you're going to need a mechanism for dynamically routing
packets in order to make this sort of setup work
After many years of waiting my company has a position opening up that I
can fill. I spoke with the Net Admin and asked if there were any one skill
that would be of a great benefit to my company and his response was
Routing, IP and subnetting (ok so more then one. But I swear he can
count).
So
Here are a couple of books I have read and would suggest. They are not free
but they are worth it...
Routing TCP/IP Volume I (CCIE Professional Development)
http://www.amazon.com/exec/obidos/tg/detail/-/1578700418/qid=1089749604/sr=1
-1/ref=sr_1_1/104-0916091-2402328?v=glances=books
Routing TCP
After many years of waiting my company has a position opening up that I
can fill. I spoke with the Net Admin and asked if there were any one skill
that would be of a great benefit to my company and his response was
Routing, IP and subnetting (ok so more then one. But I swear he can
count
be willing to purchase a reference
book or two. I'm not sure what kind of gear you're running at work, but
you can get a good feel for how things work by playing with routed on
your FreeBSD box.
Subnetting Tutorial - http://www.ralphb.net/IPSubnet/
Basic Routing - http://www.sangoma.com
was Routing, IP and subnetting (ok so more then one. But I swear he can
count).
So here I am with maybe a month before they make a decision and I am
thinking I should beef up on my skills.
I am hoping someone out there may know of some GREAT (free, I am a
poor slob) resources
, this is some type
of routing issue and not a problem with IPSec. This seems to be
confirmed by the fact tracerouting to the local internal interface
goes through the *other* internal interface first:
waltwhitman$ ifconfig bge1; traceroute 10.1.2.1
bge1: flags=8843UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST mtu
- Original Message -
From: James P. Howard, II [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Tuesday, June 29, 2004 2:57 PM
Subject: Routing problem in IPv4/IPSec VPN environment
As a personal favor, I am building a VPN for a small business. I
have chosen FreeBSD for this due
To: [EMAIL PROTECTED]
Subject: Routing problem in IPv4/IPSec VPN environment
As a personal favor, I am building a VPN for a small business. I
have chosen FreeBSD for this due to my greater familiarity. The
project will consist of linking four sites, each with a FreeBSD
system providing DHCP, NAT
the 10.1.2.1 firewall, I cannot ping
10.1.1.1 and vice-versa. I assume, at this point, this is some type
of routing issue and not a problem with IPSec. This seems to be
confirmed by the fact tracerouting to the local internal interface
goes through the *other* internal interface first:
waltwhitman
On Fri, 18 Jun 2004, Andre Rein wrote:
I'm able to ping 10.0.0.1 now from my vpnclient and ping the
vpnclient from 10.0.0.1 without any trouble.
The only problem I get, is to ping the vpnclient from the vpnserver.
It won't work.
So how should I setup the server to ping the client?
Am I
Hi Ml,
got a little understanding problem with my VPN connection.
I set up isakmpd. Connected from a static client ip.
Everything works fine.
10.0.1.0---195.226.x.98[INTERNET]195.226.x.124---10.0.0.0
gif0: flags=8050POINTOPOINT,RUNNING,MULTICAST mtu 1280
tunnel
]
Sent: 11 June 2004 18:16
To: [EMAIL PROTECTED]; [EMAIL PROTECTED]
Subject: Re: Routing question
Perhaps if you post more info, we can come up with creative solutions for
you. My big question is why?
AFAIK, you cannot have more than one default gateway, unless you are using
netgraph to balance
]
Sent: 11 June 2004 18:12
To: [EMAIL PROTECTED]
Subject: RE: Routing question
Leon,
This is possible, but will require you to run static routes so that you can
manually manage the connections. You should be able to set the routing
metrics so that all your traffic from client D goes to B
I have a box with 5 nics.
Cal them A,B,C,D,E.
A B are different internet connections.
E is a connection to a mail server on a public /29
C D are connections for 2 differnet client networks.
Is it possible to have all traffic coming in via C sent to a default gateway
on A's network and
all
Perhaps if you post more info, we can come up with creative solutions
for you. My big question is why?
AFAIK, you cannot have more than one default gateway, unless you are
using netgraph to balance between network interfaces. However, you could
NAT C D to their respective public interfaces.
: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
[EMAIL PROTECTED]
Sent: Saturday, June 05, 2004 11:29 AM
To: [EMAIL PROTECTED]
Subject: routing question
I am trying to configure a wireless router so I am redefining
routes and IP address of my system. After booting dhclient
I am trying to configure a wireless router so I am redefining routes and IP
address of my system. After booting dhclient ep0 works fine. After messing
around with the wireless router I was just going back to my ethernet connection
so I did:
ifconfig ep0 192.168.0.3 remove
arp -da
route
Of
[EMAIL PROTECTED]
Sent: Saturday, June 05, 2004 11:29 AM
To: [EMAIL PROTECTED]
Subject: routing question
I am trying to configure a wireless router so I am redefining
routes and IP address of my system. After booting dhclient
ep0 works fine. After messing around with the wireless router
I
always been there.
BM Try polling and see if the load reduces and the performance increases.
BM If all that machine is doing is routing, you can configure it to be
BM dedicated to routing.
Hello all:)
I'm here again..
so. I've purchased 3com nic, it recognises it as: bge0.
Situation went a bit better
, as that's usually referring to
BM ethernet, and you claim the problem hasn't always been there.
BM Try polling and see if the load reduces and the performance increases.
BM If all that machine is doing is routing, you can configure it to be
BM dedicated to routing.
Hello all:)
I'm here again
BM hugle wrote:
FG On Mon, 31 May 2004, hugle wrote:
dammit..
why then my users eats so much CPU?
look:
CPU states: 0.0% user, 0.0% nice, 0.8% system, 38.0% interrupt, 61.2% idle
Mem: 21M Active, 177M Inact, 133M Wired, 1228K Cache, 199M Buf, 1677M Free
I have only 61% idle ?
usualy i have
hugle wrote:
BM hugle wrote:
FG On Mon, 31 May 2004, hugle wrote:
dammit..
why then my users eats so much CPU?
look:
CPU states: 0.0% user, 0.0% nice, 0.8% system, 38.0% interrupt, 61.2% idle
Mem: 21M Active, 177M Inact, 133M Wired, 1228K Cache, 199M Buf, 1677M Free
I have only 61% idle ?
BM hugle wrote:
BM hugle wrote:
FG On Mon, 31 May 2004, hugle wrote:
dammit..
why then my users eats so much CPU?
look:
CPU states: 0.0% user, 0.0% nice, 0.8% system, 38.0% interrupt, 61.2% idle
Mem: 21M Active, 177M Inact, 133M Wired, 1228K Cache, 199M Buf, 1677M Free
I have only 61% idle
and the performance increases.
If all that machine is doing is routing, you can configure it to be
dedicated to routing.
--
Bill Moran
Potential Technologies
http://www.potentialtech.com
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo
ethernet, and you claim the problem hasn't always been there.
no.. for example if i start downlaoding without using pipes (no
shaping) my total bandwith usage increases up to 98-99%
BM Try polling and see if the load reduces and the performance increases.
BM If all that machine is doing is routing, you
Hello all.
I run into some problem here
Let's take, that I have 10mbit internet and 1000 users behind the
router.
All I want to do is to NAT internet over all of these users
give some users external IPs (BIMAP in ipfilter)
And olso do traffic shaping, like:
Some IP groups (10.0.0.0/24) one pipe
On Mon, 31 May 2004, hugle wrote:
The question in what machine do i need?
What CPU and how much of ram ?
I set up a firewall for more than 300 users, a DMZ with a public webserver,
webmail and MX on a PII-350MHz with 128 MB RAM.
On another client, I set up a firewall for 50 users with a
FG On Mon, 31 May 2004, hugle wrote:
The question in what machine do i need?
What CPU and how much of ram ?
FG I set up a firewall for more than 300 users, a DMZ with a public webserver,
FG webmail and MX on a PII-350MHz with 128 MB RAM.
dammit..
why then my users eats so much CPU?
look:
CPU
hugle wrote:
FG On Mon, 31 May 2004, hugle wrote:
The question in what machine do i need?
What CPU and how much of ram ?
FG I set up a firewall for more than 300 users, a DMZ with a public webserver,
FG webmail and MX on a PII-350MHz with 128 MB RAM.
dammit..
why then my users eats so much CPU?
hugle wrote:
[ ... ]
why then my users eats so much CPU?
look:
CPU states: 0.0% user, 0.0% nice, 0.8% system, 38.0% interrupt, 61.2% idle
Mem: 21M Active, 177M Inact, 133M Wired, 1228K Cache, 199M Buf, 1677M Free
I have only 61% idle ?
usualy i have ~50 idle..
now I have P4 2.4GHZ
maybe my
On Mon, 31 May 2004, hugle wrote:
dammit..
why then my users eats so much CPU?
look:
CPU states: 0.0% user, 0.0% nice, 0.8% system, 38.0% interrupt, 61.2% idle
Mem: 21M Active, 177M Inact, 133M Wired, 1228K Cache, 199M Buf, 1677M Free
I have only 61% idle ?
usualy i have ~50 idle..
FG On Mon, 31 May 2004, hugle wrote:
dammit..
why then my users eats so much CPU?
look:
CPU states: 0.0% user, 0.0% nice, 0.8% system, 38.0% interrupt, 61.2% idle
Mem: 21M Active, 177M Inact, 133M Wired, 1228K Cache, 199M Buf, 1677M Free
I have only 61% idle ?
usualy i have ~50 idle..
hugle wrote:
FG On Mon, 31 May 2004, hugle wrote:
dammit..
why then my users eats so much CPU?
look:
CPU states: 0.0% user, 0.0% nice, 0.8% system, 38.0% interrupt, 61.2% idle
Mem: 21M Active, 177M Inact, 133M Wired, 1228K Cache, 199M Buf, 1677M Free
I have only 61% idle ?
usualy i have ~50
=5.226 ms
That is correct the way it should be.
My routes on the clients box look as follows:
mmrserver# netstat -rn
Routing tables
Internet:
DestinationGatewayFlagsRefs Use Netif Expire
default192.168.254.1 UGSc7 1952dc0
127.0.0.1
On Wed, 26 May 2004, Leon Botes wrote:
I have a freebsd 4.7 box at a client.
The box has an ip of 192.168.254.22
The default gateway is 192.168.254.1 which is the inside interface of the
gateway. The outside interface of the gateway is 196.25.37.18 and it also
has an alias of 196.25.37.19.
Could you provide the output of ifconfig -a of the gateway box?
Should shed some more light about the issues, also the parts of
/etc/rc.conf, where the cards are configured, could be interesting.
Olaf
--
Olaf Hoyer[EMAIL PROTECTED]
Fuerchterliche Erlebniss geben zu raten, ob der,
Can you show us the routing on the server please rather than the client ?
What is the subnet mask of the alias 196.25.37.19 ? It should have a subnet
of 255.255.255.255 as it's on the same network as 196.25.37.18.
Cheers,
--
Nelis Lamprecht
PGP: http://www.8ball.co.za/pgpkey/nelis.asc
Unix
On Wed, 2004-05-26 at 12:28, Leon Botes wrote:
The below is only sections of the output. Most of the individual hosts have
been removed. Just a few examples left.
10.5/16192.168.254.29 UGSc0 11 fxp1
10.6/16192.168.254.12 UGSc00
Lamprecht [mailto:[EMAIL PROTECTED]
Sent: 26 May 2004 13:55
To: [EMAIL PROTECTED]
Subject: RE: Help with a routing issue
One other thing you can try. There is a sysctl variable
net.inet.ip.redirect: 1
Try turning that off by setting it to 0 on the client machine.
What happens ?
Nelis
On Wed
On Wednesday 26 May 2004 18:25, Leon Botes wrote:
I have a freebsd 4.7 box at a client.
The box has an ip of 192.168.254.22
The default gateway is 192.168.254.1 which is the inside interface of the
gateway. The outside interface of the gateway is 196.25.37.18 and it also
has an alias of
. The firewall is a hardware box meaning no software can be
altered.
Crazy idea: I have an idea about routing traffic through the server
and then to the firewall. This would make it possible for the server
to see that there's traffic on port 80 which should be prioritized
over traffic on port 21
Hello,
I've got three FreeBSD machines, a 4.9, and two 4.7 boxes. They're on a
small local network with a hub. Each is given an IP statically via dhcp
based on their nic mac address. All machines obtain a dhcp lease, machines a
and c can ssh and ping each other and have no issues. My problem
appreciated.
You're not providing enough information - this could have tons of reasons.
For a start, it would be helpful to see the intetface configuration and the
routing tables from the hosts in question.
Also, did you make sure you don't simply have packet filtering applied to
one or more of the boxes
Hi,
I have a problem using mpd as a PPTP client on FreeBSD 5.2. The connection is
successfully established but I can't do anything with it.
Using tcpdump I can see that GRE packets are sent through the rl0 interface
during the connection establishing but later they are sent over the ng0. If I
), i shut down the dc0 interface
(ifconfig dc0 down), enable the wlan card, (ifconfig ath0 inet 192.168.1.3 ssid daemon
ifconfig ath0 up).
then i flush my routing table (route flush) and add default gateway (route add default
192.168.1.1).
now i can
How can i route packets from Internet to my private network without exposed Internet
address?
Inet
|
NAT - ISP - 192.168/16 with Gateway 192.168.0.1
|
My FreeBSD Router on ISP Net 192.168.6.18
My FreeBSD Router on Private Net - 10.0.0.1
|
My private network - 10.0.0/24
Pls reply to me
On Apr 2, 2004, at 6:30 AM, Ivailo Bonev wrote:
How can i route packets from Internet to my private network without
exposed Internet address?
People cannot route traffic to your network unless you've got a
publicly routable IP address available for them to talk to. Talk to
your ISP, that is
Sorry to cross-post this question, but I wanted to make sure my thinking
is on track regarding a FreeBSD box I am going to use for
routing/firewalling.
A wireless project I am working on is getting 2 T1's from Global
Crossing that I want to bring into a Sangoma dual CSU/DSU card (using
I have a strange network question.
I finally found the vpn client that actually manages to open a
connection to the Cisco vpn appliance my employer uses with a minimum
of pain (security/vpnc). The problem I'm having is making it possible
for my FreeBSD desktop at work to retain access to my
You wrote:
I have 2 nics. The first has about 30 ips assigned to it and working
correctly. The other was a backup nic for the ISP backup network, but its
now I was asked to assign ips and a default gateway specification to
it,because we ran out of usable ips on the 1st nic, so we have a new
Hi list,
I need help on this problem:
I have 2 nics. The first has about 30 ips assigned to it and working
correctly. The other was a backup nic for the ISP backup network, but its
now I was asked to assign ips and a default gateway specification to
it,because we ran out of usable ips on the 1st
On Thu, 12 Feb 2004, SixthSense Server Admin wrote:
Hi list,
I need help on this problem:
I have 2 nics. The first has about 30 ips assigned to it and working
correctly. The other was a backup nic for the ISP backup network, but its
now I was asked to assign ips and a default gateway
I have a 4.9 box that's on a public IP and I want to configure Samba so it
only accepts connections from the private network (192.168.1). My question
is, can I do that with only 1 NIC card or do I have to add a second NIC for
the private LAN?
---Marius
You can do that within the smb.conf
Use SWAT, advanced options, I think just for the share...
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
Marius Kirschner
Sent: Monday, 9 February 2004 12:40
To: [EMAIL PROTECTED]
Subject: Routing question
] On Behalf Of Marius
Kirschner
Sent: Monday, February 09, 2004 3:40 PM
To: [EMAIL PROTECTED]
Subject: Routing question -- Samba
I have a 4.9 box that's on a public IP and I want to configure Samba so
it
only accepts connections from the private network (192.168.1). My
question
is, can I do
On Mon, Feb 09, 2004 at 03:40:04PM -0500, Marius Kirschner wrote:
I have a 4.9 box that's on a public IP and I want to configure Samba so it
only accepts connections from the private network (192.168.1). My question
is, can I do that with only 1 NIC card or do I have to add a second NIC for
Roland Wells [EMAIL PROTECTED] writes:
I guess this is more a question (that could be a possible solution);
Could you just Bridge all the seperate physical networks, and leave
firewalling and NAT to be done by the router, or lets say, on another
FreeBSD box connected to the dsl modem?
In
Wireless USERS Wireless USERS
W W W W W W W W W W W W
|-| |-| |-| |-| |-| |-| |-| |-| |-| |-| |-| |-|
|-| |-| |-| |-| |-| |-| |-| |-| |-|
Sjaak Nabuurs [EMAIL PROTECTED] writes:
Wireless USERS Wireless USERS
W W W W W W W W W W W W
|-| |-| |-| |-| |-| |-| |-| |-| |-| |-| |-| |-|
|-|
Sjaak Nabuurs [EMAIL PROTECTED] writes:
Wireless USERS
Wireless USERS
W W W W W W W
W W W W W
|-| |-| |-| |-| |-| |-| |-|
|-| |-| |-| |-| |-|
|-| |-| |-| |-| |-| |-| |-|
Dear all
I have a cable modem hooked up as my default gateway and runing natd for my
clients on XL0
I have another modem is I want to put on the same box on a diffrent nic sis0
the problem is the remote gateway is the same for both IP's address
and we get msgs saying that xxx is on sis0 but
Dear all
I have a cable modem hooked up as my default gateway and running natd for
my clients on XL0
I have another modem is I want to put on the same box on a different nic sis0
Problem is the remote gateway is the same for both IP's address due to the
fact its the same ISP
I get messages
Hi :)
Allright, so, I've been trying to build a routing setup for some weeks now,
and after looking everywhere and asking for help, I still cannot find the
answer.
Here is what I want to do: source routing to 2 internet connections.
Basically, I want net1 to go on the Internet using gateway
Hi all, I need some help routing or making Nat on a LAN.
I have something like this:
I N T E R N E T
-
^ ^
| |
fxp0 public IP public IP
, I need some help routing or making Nat on a LAN.
I have something like this:
I N T E R N E T
-
^ ^
| |
fxp0 public IP public IP
need some help routing or making Nat on a LAN.
I have something like this:
I N T E R N E T
-
^ ^
| |
fxp0 public IP public IP
On Mon, 12 Jan 2004, David Miller wrote:
Isn't this equivilent to selecting the outbound route? You want to
select 10.a.b.c uf you want the connection routed out ISP 1 and
192.168.x.y otherwise.
yes it is.
There are bizzare cases where it might make sense to try and load
balance two
. the mistake kept
perpetuating because i kept using the shell's history to run the
traceroute, and the mind could not tell the difference between the 0 and
the 1. my bad, and much apologies. all works fine now.
Zebra implemets a number of routing protocols, including bgp. With BGP
you can pick
for every time *I'd* done something like
that...
Zebra implemets a number of routing protocols, including bgp. With BGP
you can pick the best route *out* for your packet, but everyone else's
BGP sessions will decide the best route *in* for you. In other words,
to me, if i can pick the source
hey,
i'm on a multihomed FreeBSD 4.9-RELEASE, cvsupped and built to -STABLE as
of two weeks ago. the two NICs on the box each go to different ADSL
providers. right now, i can switch which provider i use by just manually
changing the default route. however, what i'd like to do is to have the
running any routing
protocols, like routed?
a secondary question is, with the /usr/ports/net/zebra package, can i
configure this box to load balance flows over both ADSL connections,
assuming i do not have an AS number (for BGP) handy ? i.e. the question
is, assuming i make a tcp connection out
Hello everybody :)
I have a routing question and was wondering if FreeBSD was able to do this.
I have 2 ISPs (so 2 connections).
Can I use only one FreeBSD box as a gateway to:
- route LAN -- INTERNET (using connection 1)
- route DMZ -- INTERNET (using connection 2)
- route LAN -- DMZ (simple
try to do anything I get this:
$ ping 10.10.58.7
PING 10.10.58.7 (10.10.58.7): 56 data bytes
ping: sendto: Resource deadlock avoided
ping: sendto: No buffer space available
A little investigation showed that this is a known routing issue and
that it is possible to work
that this is a known routing issue and
that it is possible to work around by re-addressing the ng0 interface
with the VPN concentrator's private IP and set a default route to it. I
did this, but I still have the same problem. :(
Does anyone see what I am doing wrong here? Below are my routing
Oh. :( I thought it negotiated the encryption ok because I see this:
[ciscovpn] CCP: LayerUp
Compress using: MPPE, 128 bit, stateless
Decompress using: MPPE, 128 bit, stateless
And capturing on the interface, I see echo req's coming in from the
concentrator, but I encounter a routing loop
data, I
get decryption errors (the concentrator reports invalid packets).
And capturing on the interface, I see echo req's coming in from the
concentrator, but I encounter a routing loop when I try to send across
the tunnel.
I was able to get past the routing loop by readdressing
On Thu, 8 Jan 2004, Joe Marcus Clarke wrote:
Good luck. I have tried to get this working, but have never been able
to get mpd encryption to work with the Concentrator's encryption
(neither has anyone else to my knowledge). If you disable encryption on
the concentrator, the tunnel will come
Well, I have this problem again, I hope I get help at this time, not big
problem, its just something I'm missing here.
interface to net: ep0
interface to lan: xl0
ep0 has 2001:a68:2:10::2/64 with default gw 2001:a68:2:10:: and she works
fine.
xl0 should have 2001:a68:2:10:dead::/96
ifconfig ep0
Well, I got this fun routing problem again; so here it goes.
I have a router, which gets native ipv6 on xl0 with block 2001:a6x:2:1x::/64
and she has also lan-interface.
My idea was to route 2001:a6x:2:1x:dead::/96 to lan interface so i thought
doing as follows; added 2001:a6x:2:1x::3/64 to lan
natd on the external interface as you
describe. It's just the way that natd works, I'm afraid.
If this question is too arcane, please refer me to the correct
documentation. I don't even know where to start. Routing has always just
magically worked on FreeBSD. I would think it would
, back
through the port address translation to my internal nameservers?
If this question is too arcane, please refer me to the correct
documentation. I don't even know where to start. Routing has always just
magically worked on FreeBSD. I would think it would be possible to add
some sort of manual
interface of the firewall, to the external interface of the firewall, back
through the port address translation to my internal nameservers?
If this question is too arcane, please refer me to the correct
documentation. I don't even know where to start. Routing has always just
magically worked
Hello,
Running 4.9-stable. Here is a brief overview of the network I'm setting up.
***Internet***
|
DSL modem (192.168.1.1, netmask 255.255.255.252, assigned by ISP)
|
FreeBSD gateway external (192.168.1.2, netmask 255.255.255.252, assigned by
ISP)
|
FreeBSD
LAN clients can access boh gateway interfaces by hostname and IP. Clients
are
setup to use 192.168.1.2 for DNS, and 192.168.1.2 uses 192.168.1.1 for DNS.
I cannot get any traffic to reach (let alone pass) the DSL modem from the
clients.
I have tried this with the FreeBSD gateway, a
This setup appears a little confusing. Does your ISP give you a static
or dynamic IP address to the internet? It would also help to see the
interface configuration info in your rc.conf file.
generally speaking, your external interface should have the ip address
assigned by your isp, not a
Lokken
From: Clayton F [EMAIL PROTECTED]
To: joshua lokken [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: Re: Routing problem
Date: Mon, 8 Dec 2003 12:52:47 -0800
This setup appears a little confusing. Does your ISP give you a static or
dynamic IP address to the internet? It would also help
on the 10.0.0.0 network, I can ping
both de0 and rl0 on the gateway, but I cannot get any traffic
past rl0 to the cable modem from the LAN client. That is
where my minimal understanding of routing ends. I do not
know why I cannot pass traffic to the modem and out. I
hope this makes my problem clearer
original connection. [The inverse of
-unregistered_only.]
3. Finally, I've read (briefly thus far) about routed on FreeBSD.
Would
this daemon be used in such a way that I don't even need to add static
routes for LAN?
Yes, but routed is really intended for dynamic routing within
v8.04
Subject: IPSEC Tunnel Routing question
I would like to route all traffic over a gif/ipsec tunnel
I have the following situation
Existing internet connection in building A
Building to building wireless(between building A and Building B)
To secure the traffic going across the wireless I would
I think I figured out the problem but am unsure how to fix it
To recap my situation is as follows
Internet connection located in Building A(independent of BSD boxes)
FreeBSD 5.1 machine located at Building A
FreeBSD 5.1 machine located at Building B
Building-To-Building wireless between building
PROTECTED]
X-Mailer: IMail v8.04
Subject: IPSEC Tunnel Routing question
I would like to route all traffic over a gif/ipsec tunnel
I have the following situation
Existing internet connection in building A
Building to building wireless(between building A and Building B)
To secure the traffic going
freebsd 5.1 based machines sitting at Building A
and Building B. I have the tunnels up and running but I am experiencing
a problem with routing. Building B does not have an internet connection
so it needs to use the internet connection at Building A.
To lay it out in more details
Router at building
using the
www.freebsd.org/handbook/ipsec.html diagram as reference, it work fine
(tested by ping)
2. Configure IPSec in Transport mode (since I am interested in forwarding
dynamic routing information over point-2-point VPN) using
draft-touch-ipsec- vpn approach, i.e: IPSec policy
spdadd
the following steps:
1. I am using the www.freebsd.org/handbook/ipsec.html diagram as my
reference network
2. Configure the gif0 interface , it work fine (tested by ping and
tcpdump)
3. Configure IPSec in Transport mode (since I am interested in forwarding
dynamic routing information over point-2
Hello
My goals are:
- to use an Win2k server (terminal server) in a lan over the internet (FreeBSD
box with pptpd)
My equipment:
- Win2k server, SP4 (test machine)
- file server
- telnet server
IP: 192.168.1.50
- FreeBSD 4.8
- firewall (all rules works very well, also ftp etc.)
-
Hello,
I have coulpe of ipip tunnels at 2 near servers and trying to make
backup link for each using zebra via multiple nexthop static route.
So, 2 boxes: 192.168.5.1 has ipip link to host 210.210.210.1 and
192.168.5.3 also has ipip link to host 210.210.210.1 (using other
uplink).
couldnt add static routes to mine, but thats another
issue.) and so the 10.R.R.R router wont know where to forward to if it has
no route to 10.x.x.x (or at least the sending host on that network.)
Please note that I am rather inexperienced in routing
and please forgive me if I make terrible
401 - 500 of 639 matches
Mail list logo
