[linux] OpenVPN, masquerading a routovanie

Pogac Daniel dano na tatrasoft.sk
Úterý Leden 4 16:42:59 CET 2005 

Podla mna ta predchadzajuci mail zle naviedol. 
Na server1 musis dat
route add net 192.168.0.0 mask 255.255.255.0 gw 10.0.0.2

Potom by to uz malo ist...

Dňa Pi, 2004-12-31 at 17:39, Lubomir Host napísal:

> On Fri, Dec 31, 2004 at 09:34:11AM +0100, Ing. Jan ONDREJ wrote:
> > > Mam lokalnu siet 192.168.0.0/16, ktora je pripojena cez firewall/router
> > > (oznacme si ho FW1) do internetu. FW1 ma 2 sietove karty eth0 a eth1.
> > > eth0 je vonkajsi interface s adresou 12.34.56.78, vnutorny interface ma
> > > IP 192.168.0.1.
> > > 
> > > Na internete je umiestneny dalsi server (oznacme si ho SERVER1), ktory
> > > ma iba jednu sietovu kartu eth0 a IP adresu 23.45.67.89.
> > > 
> > > Mam rozbehnuty sifrovany OpenVPN tunel medzi FW1 a SERVER1. Na FW1 ma
> > > tunelovy interface tun0 IP adresu 10.0.0.2, tun0 interface na serveri
> > > SERVER1 ma IP 10.0.0.1. Na oboch FW1 a SERVER1 viem pingnut obe adresy
> > > 10.0.0.1 a 10.0.0.2, cize OpenVPN tunel funguje bez problemov.
> [...snip...]
> > > FW1:
> > > ------------------------------------------%<------------------------------------------
> > > root na fw1# route -n
> > > Kernel IP routing table
> > > Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> > > 10.0.0.1        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
> > > 12.34.56.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
> > > 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> > > 0.0.0.0         12.34.56.1      0.0.0.0         UG    0      0        0 eth0
> > 
> > Tu musis pridat routu na SERVER1 cez sucasnu branu a na cely zvysok
> > cez tun0.
> > 
> > route add -host 23.45.67.89 gw 12.34.56.1
> > route add default gw 10.0.0.1
> 
> Skusil som tieto dva prikazy a routovacia tabulka bola nasledovna, ale
> pakety sa zacali niekde zahadovat:
> 
> --------------------------------------%<--------------------------------------
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
> 23.45.67.89     12.34.56.78     255.255.255.255 UGH   0      0        0 eth0
> 10.0.0.1        0.0.0.0         255.255.255.255 UH    0      0        0 tun0
> 12.34.56.0      0.0.0.0         255.255.255.0   U     0      0        0 eth0
> 192.168.0.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
> 0.0.0.0         10.0.0.1        0.0.0.0         UG    0      0        0 tun0
> 0.0.0.0         12.34.56.1      0.0.0.0         UG    0      0        0 eth0
> --------------------------------------%<--------------------------------------

------------------------------
Daniel Pogač
Technical Support

TatraSoft Group, s.r.o.
Sibírska 4
83102 Bratislava

tel: +421-2-55574033
fax: +421-2-55566385
cell: +421-905-908605
e-mail: dano na tatrasoft.sk
web: www.tatrasoft.sk
------------- další část ---------------
HTML příloha byla odstraněna...
URL: http://lists.linux.sk/pipermail/linux/attachments/20050104/976a32cb/attachment.html

Další informace o konferenci linux