[LARTC] Gre Tunneling Problem

Linux Advanced Routing and Traffic Control

Hi! Sorry I wasn't able to reply to your email immediately, since I'm busy
with my test of my new tunnel setup.

Sure, I could help you with setting up GRE tunneling in Linux. This is
based on my own setup of the networks I needed to tunnel.

I have two networks. Network A has a Linux Slackware 7 box acting as the
gateway of the private network 192.168.100.0/24. The Linux server has two
NICs: eth0 is connected to the internet with the IP address x.x.x.x/32, and
eth1 is connected to the hub of the private network with the IP address
192.168.100.1/24.
Network B is the same, but the Linux box is running Red Hat 6.0 with the
private network 192.168.200.0/24, eth0 (internet) with IP address d.d.d.d/32
and eth1 (private network) with 192.168.200.1/24.

If you build these Linux boxes, always include the kernel sources,
development packages and also some compilers, because you need to recompile
your kernel if something won't work, and also for compiling the iproute2
package.

Here is the setup you need on both Linux servers.
Download the iproute2 package here:
ftp://ftp.inr.ac.ru/ip-routing/iproute2-current.tar.gz

Once you have downloaded the tarball, extract it wherever you wish to
extract the package, let's say /usr/local/src.

Extract the package:
/usr/local/src# tar zxvf iproute2-current.tar.gz
Go to the iproute2 folder:
/usr/local/src# cd iproute2
Compile the package:
/usr/local/src/iproute2# make
After compiling the package, go to the folder ip and copy the executable
file ip to your /bin:
/usr/local/src/iproute2/ip# cp ip /bin
Now you have a working ip command. You can try it by typing "ip addr show"
or "ip link show".

Now masquerade both networks using the ipchains command. Try "ipchains -L";
you will see this result if you haven't set up a masq for both networks.

Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
Chain output (policy ACCEPT):

Now enable IP forwarding and masq:

# echo 1 > /proc/sys/net/ipv4/ip_forward
# ipchains -A forward -s 192.168.100.0/24 -j MASQ
# ipchains -A forward -s 192.168.200.0/24 -j MASQ

Now take a look at your ipchains table. Type "ipchains -L" and you'll see
something like this:

Chain input (policy ACCEPT):
Chain forward (policy ACCEPT):
target     prot opt     source                destination           ports
MASQ       all  ------  192.168.100.0/24      anywhere              n/a
MASQ       all  ------  192.168.200.0/24      anywhere              n/a
Chain output (policy ACCEPT):

Now for the tunnel part. Load the modules for tunneling and set up the
tunnel.

# insmod ip_gre
# ip tunnel add netb mode gre remote d.d.d.d local x.x.x.x ttl 255
# ip link set netb up
# ip addr add 192.168.100.1 dev netb
# ip route add 192.168.200.0/24 dev netb

This setup is in Network A.

--------------------------------------------------------

Now do Network B. Untar the iproute2 package.

# echo 1 > /proc/sys/net/ipv4/ip_forward
# ipchains -A forward -s 192.168.200.0/24 -j MASQ
# ipchains -A forward -s 192.168.100.0/24 -j MASQ

# insmod ip_gre
# ip tunnel add neta mode gre remote x.x.x.x local d.d.d.d ttl 255
# ip link set neta up
# ip addr add 192.168.200.1 dev neta
# ip route add 192.168.100.0/24 dev neta

Now try to ping both NIC IP addresses of both Linux servers. If it's
resolving, try the private network IPs. Hope it's working.

wheew.

Glynn
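
The two command sets in the message above have to mirror each other: each side's "local" must be the other side's "remote", and each side's route to the far LAN must use its own tunnel device. The script below is an added example, not part of the original message, that checks this before the commands are run; the function names are hypothetical, and the documentation addresses 192.0.2.1 and 198.51.100.1 are assumed stand-ins for x.x.x.x and d.d.d.d.

```sh
#!/bin/sh
# Constructed sample input: the two sides' commands from the message, with
# 192.0.2.1 standing in for x.x.x.x and 198.51.100.1 for d.d.d.d (assumptions).
SIDE_A='ip tunnel add netb mode gre remote 198.51.100.1 local 192.0.2.1 ttl 255
ip addr add 192.168.100.1 dev netb
ip route add 192.168.200.0/24 dev netb'
SIDE_B='ip tunnel add neta mode gre remote 192.0.2.1 local 198.51.100.1 ttl 255
ip addr add 192.168.200.1 dev neta
ip route add 192.168.100.0/24 dev neta'

# field TEXT KEYWORD OBJECT (hypothetical helper): print the word that follows
# KEYWORD on the first "ip OBJECT add ..." line of TEXT; prints nothing if absent.
field() {
    printf '%s\n' "$1" | awk -v k="$2" -v obj="$3" '
        $1 == "ip" && $2 == obj && $3 == "add" {
            for (i = 3; i < NF; i++) if ($i == k) { print $(i + 1); exit }
        }'
}

# check_pair SIDE_A SIDE_B (hypothetical): return 0 when the two definitions
# mirror each other, 1 after printing each mismatch, 2 if a tunnel line is missing.
check_pair() {
    rc=0
    for side in "$1" "$2"; do
        name=$(field "$side" add tunnel)
        [ -n "$name" ] || { echo "no 'ip tunnel add' line found"; return 2; }
        # The route to the far LAN must leave through this side's own tunnel device.
        [ "$(field "$side" dev route)" = "$name" ] ||
            { echo "route does not use tunnel device $name"; rc=1; }
    done
    [ "$(field "$1" mode tunnel)" = "$(field "$2" mode tunnel)" ] ||
        { echo "tunnel mode differs between the two sides"; rc=1; }
    [ "$(field "$1" local tunnel)" = "$(field "$2" remote tunnel)" ] ||
        { echo "side A local is not side B remote"; rc=1; }
    [ "$(field "$1" remote tunnel)" = "$(field "$2" local tunnel)" ] ||
        { echo "side A remote is not side B local"; rc=1; }
    return $rc
}

check_pair "$SIDE_A" "$SIDE_B" && echo "tunnel definitions mirror each other"
```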


----- Original Message -----
From: "Sagar Srivastava" <sagar@vpn.cwlglobal.com>
To: "glynn" <glynn@itextron.com>
Sent: Wednesday, January 09, 2002 4:41 PM
Subject: Re: [LARTC] Gre Tunneling Problem


> Glynn,
>
> It is nice to hear that your tunneling is working. I have set up a VPN
> using PPTP in Win2000 and I am desperate to set up a similar VPN in Linux.
> I need your help!
>
> It would be nice if you could tell me the steps to do this, the tools you
> used, or tell me the links to the pages that describe it, and also anything
> you would like to advise.
>
> Thank you very much for going through my problem.
>
> Sagar, India
> ----- Original Message -----
> From: "glynn" <glynn@itextron.com>
> To: "Greg Scott" <GregScott@InfraSupportEtc.com>; "Christoph Simon"
> <ciccio@kiosknet.com.br>; "Joe Patterson" <jpatterson@asgardgroup.com>
> Cc: <lartc@mailman.ds9a.nl>
> Sent: Tuesday, January 08, 2002 12:58 PM
> Subject: Re: [LARTC] Gre Tunneling Problem
>
>
> > Guys, I just want you to know that my tunneling is working now. The only
> > thing I've added is the NAT; I configured NAT on both Linux boxes and it
> > works. Thanks for the help guys, I really appreciate your help. Till next
> > time.
> >
> > Thanks
> > Glynn
> >
> > ----- Original Message -----
> > From: "Greg Scott" <GregScott@InfraSupportEtc.com>
> > To: "'glynn'" <glynn@itextron.com>; "Christoph Simon"
> > <ciccio@kiosknet.com.br>; "Joe Patterson" <jpatterson@asgardgroup.com>
> > Cc: <lartc@mailman.ds9a.nl>
> > Sent: Tuesday, January 08, 2002 8:40 PM
> > Subject: RE: [LARTC] Gre Tunneling Problem
> >
> >
> > > > btw in configuring gre tunneling in
> > > > Redhat 6.0, pls help
> > >
> > > Could this be your problem?  I thought the PPTP VPN stuff needs the
> > > 2.4 kernel.  The testing I mentioned earlier was with Red Hat 7.1 on
> > > both ends of the tunnel, which is a 2.4.n kernel.
> > >
> > > - Greg
> > >
> > >
> > >
> > > -----Original Message-----
> > > From: glynn [mailto:glynn@itextron.com]
> > > Sent: Monday, January 07, 2002 12:29 AM
> > > To: Christoph Simon; Joe Patterson
> > > Cc: lartc@mailman.ds9a.nl
> > > Subject: Re: [LARTC] Gre Tunneling Problem
> > >
> > >
> > > It won't work Joe, I tried everything. I searched almost all the howtos
> > > on the web on gre tunneling and they are almost the same. btw in
> > > configuring gre tunneling in Redhat 6.0, pls help
> > > Thanks
> > >
> > > Glynn
> > >
> > >
> > > _______________________________________________
> > > LARTC mailing list / LARTC@mailman.ds9a.nl
> > > http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://ds9a.nl/lartc/
> > >
> >
> >
> >
>
