Hi,
This is a question regarding GNUGK+NAT+VPN
Here are a few setup that I tried using gnugk with softphones.
Terms used:
1. ICS = Internet Connection Sharing (XP)
2. IP's are for example purpose only.
3. VPN used is OpenVPN on routing mode, pushing only our routes via the tunnel.
----------------------x------------------------------
case#1
GNUGK (public IP) <=> Internet <=> ComputerOnPublicIP
GK IP: 1.2.3.4
usr IP: 5.6.7.8
-- IP Diagram --
1.2.3.4 <-> Internet <-> 5.6.7.8
r> works fine ..
simple typical case
----------------------x------------------------------
case#2
GNUGK (public IP) <=> Internet <=> ComputerOnPublicIP <=> WindowsConnectionSharing(NAT) => ComputersOnPrivateIP's
GK IP: 1.2.3.4
usr IP: 5.6.7.8
Private IP: 192.168.0.1-254
-- IP Diagram --
1.2.3.4 <-> Internet <->
5.6.7.8 <-> LAN <-> 192.168.0.0/24
r> works fine ..
another simple case. using ICS on XP.
both the ICS Server and Computers on Private range can make calls.
----------------------x------------------------------
case#3
GNUGK (public IP) <=> VPNServer(NAT all packet from VPN) <=> Internet => ComputerOnPublicIP
GK IP:
1.2.3.4
usr IP: 5.6.7.8
VPN Server Public IP: 11.22.33.44
VPN Server Internal IP: 10.10.10.1
VPN Server Client IP:
10.10.10.100
-- IP Diagram --
1.2.3.4 <-> Internet <-> 11.22.33.44 / 10.10.10.1
<-> VPN Tunnel <-> 10.10.10.100 / 5.6.7.8
r> works fine ..
The Computer connects via VPN to a server, and its packets are passed on to the GNUGK via NAT.
----------------------x------------------------------
case#4
GNUGK (public IP) <=> VPNServer(NAT all packets from VPN) <=> Internet => ComputerOnPublicIP (VPN client is now Shared ) => ComputerOnPrivateIP's
GK IP: 1.2.3.4
usr IP: 5.6.7.8
VPN Server Public IP: 11.22.33.44
VPN Server Internal IP:
10.10.10.1
VPN Server Client IP: 10.10.10.100
-- IP Diagram --
1.2.3.4 <-> Internet <-> 11.22.33.44/10.10.10.1
<-> VPN Tunnel <-> 10.10.10.100 / 5.6.7.8<-> LAN(ICS on 10.10.10.100) <->
192.168.0.0/24
r> works fine ..
The computer on PublicIP will connect using VPN to the VPN server. It will then use ICS on the VPN adapter. Thus, the computers on private IP's will get IPs from the VPN adapter. All traceroutes to
1.2.3.4 goes via 10.10.10.100
----------------------x------------------------------
case#5
GNUGK (public/private IP) + VPN Server (both) <=> Intenet <=> ComputerOnPublicIP (VPN Client)
GK IP: 1.2.3.4
VPN IP: 1.2.3.5 -eth0:0 alias
usr IP: 5.6.7.8
VPN Server Public IP:
11.22.33.44
VPN Server Internal IP: 10.10.10.1
VPN Server Client IP: 10.10.10.100
-- IP Diagram --
1.2.3.4
and 5 / 10.10.10.1 <-> VPN Tunnel <-> 10.10.10.100 / 5.6.7.8
r> DOES not work.
From the VPN Client, If I use either the Public IP for GNUGK or Private IP for gnugk, I am unable to hear anything.
GNUGK is running on both 1.2.3.4 / 1.2.3.5 and 10.10.10.1 ..
from 5.6.7.8, no matter if I use
1.2.3.4 or 10.10.10.1, cannot hear anything ..
----------------------x------------------------------
case #6
GNUGK (public/private IP) + VPN Server (both) <=> Intenet <=> ComputerOnPublicIP (VPN client is now Shared ) => ComputerOnPrivateIP's
GK IP: 1.2.3.4
VPN IP: 1.2.3.44 -- eth0:0 -- alias on the same eth0
usr IP: 5.6.7.8
VPN Server Public IP:
11.22.33.44
VPN Server Internal IP: 10.10.10.1
VPN Server Client IP: 10.10.10.100
-- IP Diagram --
1.2.3.4
and 5 / 10.10.10.1 <-> VPN Tunnel <-> 10.10.10.100 / 5.6.7.8 <-> LAN(ICS on
10.10.10.100) <-> 192.168.0.0/24
r> strange enough, works fine ..
I get a reply if I use the Public IP or the private IP of the gnugk.
Here
192.168.0.0/24 can make calls on 1.2.3.4 or 10.10.10.1 without any issues.
->
I used this number to make test:
919891244374 (India) should hear: "services to this number are temporarily on hold" .
In cases #1, #2, #3, #4 and #6, I hear "services to this number are temporarily on hold"
But my requirement is to make it work on case#5
I want to know why I am unable to hear anything on case#5.
and strange enough, if I share the same VPN connection using ICS, and try from private shared IP, it works!
Requirement is to make GNUGK work in a p2p (point2point) type scenario.
10.10.10.1 is the VPN server IP with GNUGK running, 10.10.10.100-200 are clients.
Please let me know what could be done to make it work.
Thanks,
Shashi
