Hello Okey, I tried to set up routing table this way : On the test box (doesn't use the /25 yet): 'ip route add 217.211.70.0/24 dev tunl1' On my home box: 'ip route add 192.121.234.208/28 dev tunl1' But the connection still freezes... Maybe I misunderstood you? > If I'm going over stuff covered already on this list, please let me > know!! Sorry... this is my first post!! > > If you've just used the iptunnel command, you'll also need to use > ifconfig with the pointopoint type to set up an interface to route > traffic through. The IP address's on either end of the point to point > interface should be the IP's you want to route traffic between once > you've reached the subnets at each end of the tunnel. If you want to > route more traffic across the link you use "ip route add 10.0.0.0/24 > dev ipiptunnelname" or similar. > > Also, you can view the traffic either encapsulated, by running tcpdump > on your physical interface, or un-encapsulated by running it on your > pointopoint interface. > > Dan! > > On 27 Apr 2005, at 09:22, Taylor, Grant wrote: > >>> Hello >>> I have looked at SSH tunneling, but what I know I think that's not the >>> best solution for me. After some research, IPIP or GRE tunnel seems >>> to fit >>> me best. But I don't find any good documentation, neither the LARTC >>> howto >>> is brings up my problem. >>> I'd figured out that I will use iptunnel or similar to set up an >>> IPIP-tunnel, like: >>> iptunnel add dev tunl1 mode ipip local a.b.c.d remote e.f.g.h >>> and the same on the other side (just switching local and remote >>> addresses) >>> to tunnel the public IP address e.f.g.h (on the /25-box) to tunl0 at >>> a.b.c.d (my public IP at home). But the connection betweeen me and the >>> remote host freezes, so I guess that's not enough. What more do I >>> have to >>> do? >> >> Is the ""freeze that you are talking about data through the tunnel or >> is it the initialization it's self? If it is the former, check to >> make sure that your firewall is not blocking traffic that would be >> flowing through the tunnel. Namely if your filter table FORWARD chain >> policy is set to DROP and you don't have an explicit allow for traffic >> flowing through the tunnel interface you will not be able to get >> things to work. I'll have to play with GRE / IPIP tunnels to see if I >> can offer any advice. >> >> >> >> Grant. . . . >> _______________________________________________ >> LARTC mailing list >> LARTC@xxxxxxxxxxxxxxx >> http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc > > _______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
