April 12th, 2007, 03:21 PM
#1
PPPD - SSH - VPN Routing issues.
I've been having a spot of bother with some of our friends from abroad - OK I'm UK based and could easily be accused of xenophobia.
I was out in the Far East recently on company business and was tasked with getting the existing and in-place VPN working between our UK head office and Far Eastern Office.
It was a simple routing issue and hey presto - the VPN was established.
Now it seems that the relevant Government Officials have now blocked port 500 (Open VPN) and our router there (Billion BiGuard30) will not allow a differing port to be used and it seems that the UK end (IPCop Linux Distro) can't change the port either - or so I've been informed.
Anyway not to be beaten it seems that you can use a little unix to get round this. Using pppd and ssh it is possible to set up a VPN using linux boxes. I used this recipe here: http://tldp.org/HOWTO/ppp-ssh/index.html to demonstrate a proof of concept between my laptop at work and my home PC.
I can reliably bring up the ppp0 interfaces at both ends and can happily ping between the two ends.
Using pppd I have set up the interface as :
Laptop : 192.168.254.1
Home PC : 192.168.254.254
Laptop LAN - 172.31.0.0/16
Laptop LAN IP - 172.31.3.73
Home LAN - 10.200.1.0/24
Home PC LAN IP - 10.200.1.249
I have my routing tables set as follows:
Laptop:
Destination      Gateway          Genmask          Flags Metric Ref Use Iface
192.168.254.254  *                255.255.255.255  UH    0      0   0   ppp0
10.200.1.0       192.168.254.254  255.255.255.0    UG    0      0   0   ppp0
172.31.0.0       *                255.255.0.0      U     0      0   0   eth0
default          xxx.xxx.xxx      0.0.0.0          UG    0      0   0   eth0
Home PC:
Destination      Gateway          Genmask          Flags Metric Ref Use Iface
192.168.254.1    *                255.255.255.255  UH    0      0   0   ppp0
10.200.1.0       *                255.255.255.0    U     0      0   0   eth0
172.31.0.0       192.168.254.1    255.255.0.0      UG    0      0   0   ppp0
default          xxx.xxx.xxx      0.0.0.0          UG    0      0   0   eth0
OK This is the bit that needs careful examination:
From my laptop I can ping 10.200.1.249
From my home PC I can ping 172.31.3.73
From my Home TV (10.200.1.250) with an added route I can ping 172.31.3.73
From a colleague's PC (172.31.3.252) with an added route I can ping 10.200.1.249
From my Home TV (10.200.1.250) with added routes I can ping 172.31.3.252
From a colleague's PC (172.31.3.252) with added routes I can ping 10.200.1.250
From my laptop I can not ping 10.200.1.250
From my home PC I can not ping 172.31.3.252
I do not understand why the last 2 pings fail (other networking between these two points fails as well).
If anyone here can shed some light on these results I would be grateful.
Regards,
Steve
Last edited by steve.milner; April 12th, 2007 at 03:24 PM.
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
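An added example, not part of the original post: a small Python model of the two routing tables above that reproduces all eight ping results. It assumes Linux's default behaviour of sourcing a packet from the address of the egress interface, and that the "added routes" on the TV and the colleague's PC cover only the remote LAN subnet (the post does not list them); the host labels are hypothetical.

```python
import ipaddress

# Routes transcribed from the post as (destination, interface); the default
# route is left out because its gateway is elided there ("xxx.xxx.xxx").
ROUTES = {
    "laptop": [("192.168.254.254/32", "ppp0"), ("10.200.1.0/24", "ppp0"),
               ("172.31.0.0/16", "eth0")],
    "homepc": [("192.168.254.1/32", "ppp0"), ("10.200.1.0/24", "eth0"),
               ("172.31.0.0/16", "ppp0")],
    # ASSUMPTION: the "added routes" on these two hosts cover only the remote LAN.
    "tv": [("10.200.1.0/24", "eth0"), ("172.31.0.0/16", "eth0")],
    "colleague": [("172.31.0.0/16", "eth0"), ("10.200.1.0/24", "eth0")],
}
ADDRS = {  # interface addresses from the post; host labels are hypothetical
    "laptop": {"ppp0": "192.168.254.1", "eth0": "172.31.3.73"},
    "homepc": {"ppp0": "192.168.254.254", "eth0": "10.200.1.249"},
    "tv": {"eth0": "10.200.1.250"},
    "colleague": {"eth0": "172.31.3.252"},
}

def lookup(host, dst):
    """Longest-prefix match; None means only the default route would match."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(n).prefixlen, i) for n, i in ROUTES[host]
            if ip in ipaddress.ip_network(n)]
    return max(hits)[1] if hits else None

def owner(addr):
    """Host that holds addr on one of its interfaces."""
    return next(h for h, ifs in ADDRS.items() if addr in ifs.values())

def ping(src_host, dst, src=None):
    """Return (source address used, whether the target has a route back to it).

    Models source selection and the return route only, not hop-by-hop forwarding.
    """
    src = src or ADDRS[src_host][lookup(src_host, dst)]
    return src, lookup(owner(dst), src) is not None

if __name__ == "__main__":
    for host, dst in [("laptop", "10.200.1.249"), ("homepc", "172.31.3.73"),
                      ("tv", "172.31.3.73"), ("colleague", "10.200.1.249"),
                      ("tv", "172.31.3.252"), ("colleague", "10.200.1.250"),
                      ("laptop", "10.200.1.250"), ("homepc", "172.31.3.252")]:
        print(host, "->", dst, ping(host, dst))
```

In this model the two failing pings are the ones sourced from a 192.168.254.x tunnel address, for which the target host has no return route. Passing `src="172.31.3.73"` (what `ping -I 172.31.3.73` does on the laptop) gives the TV a source it can route back to.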