I'm not sure what you mean by "setup IP over IP tunneling," but I can tell you what I do in various circumstances. It's not kernel based as much as it is ssh based, and relies on the -L and/or -R switches for ssh. For example, where I worked recently, the closed access to the internal network so that I could no longer ssh in. I got around that by doing: while true; do ssh -R 23258:localhost:23 66.92.170.XX done from the machine on the inside that I wanted to get to while off somewhere around the world. Here's what this command means. Consider the outside elements, 'ssh 66.92.170.XX." That part is certainly clear, and does as you expect. It establishes a connection from the machine where the command is issued to the machine at 66.92.170.XX. The wrapper script "while true do" just insures that the link gets re-established should it go down for some reason. The inner portion says "take the remote port 23258 on localhost and send it back here on port 23." In other words, I could, on the machine that is 66.92.170.xx, type: telnet localhost 23258 and get a telnet login back to that machine inside the firewall. It worked like a charm. Other uses for this kind of syntax might include forwarding mail, or real audio (or speak freely) ports. Whatever. I hope this is clear, at least as clear as mud and that it's somewhat helpful. Gregory Nowak writes: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Hi all. > > Is anyone here familiar with how to setup ip over ip tunneling with a > 2.4.26, and eventually with a 2.6.x kernel? The documentation on the > subject is very scant, however, I managed to locate the following: > > http://www.javacommerce.com/tips/linux/all/00000175.html > > http://snafu.freedom.org/linux2.2/tunnel-notes.html > > http://www.uwsg.iu.edu/hypermail/linux/net/0301.2/0002.html > > Out of all of these, most deal with linux 2.0, or 2.2, which is > incorrect info when using linux 2.4, since there is only the one ipip > module in linux 2.4 now, and the configuration seems to be different > as far as I can tell. The second URL seems to be the most > informative. However, the fact that the person is using 192.168 IP > addresses for both the private and public addresses is very confusing > to me, and I eventually lose track of which is which. Also, this > person is seemingly showing how to setup a circular 2-way tunnel > between 3 or 4 machines, which is too advanced from what I'm looking > for. This makes it difficult for me to determine which portions of the > advanced example I want for my setup, not to mention that I find the > advanced setup example confusing as well. > > Ok, now that I've described all my problems, let me describe what it > is that I want out of ipip. Simply put, I have 2 machines, machine a, > and machine b. For my purposes, machine a is the client, machine b is > the server. What I want is to have a 1-way tunnel, through which > machine a would make only out-bound connections, using its tunnel to > machine b, thus making it appear that the connections are coming from > machine b's network. > > Can someone who is familiar with ip over ip describe for me what > configuration steps I need to take on the client and server for my > specific situation as described above? Also, please use different IP > ranges (E.G. 172.16.x.x, and 192.168.x.x, where the 172 range would be > the public addresses, and the 192 range would be the private addresses > used in the tunnel) to make your explanation easier to understand? > Thanks in advance. > > Greg > > > - -- > Free domains: http://www.eu.org/ or mail dns-manager at EU.org > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.3 (GNU/Linux) > > iD8DBQFBGQCU7s9z/XlyUyARAjcEAJ9tMLuSrJsxd/UxMq7ALQ3DiJ4K5gCeIT2X > S6qCVp5ni4e3lMcNFdrh7yM= > =Bgtk > -----END PGP SIGNATURE----- > > _______________________________________________ > Speakup mailing list > Speakup at braille.uwo.ca > http://speech.braille.uwo.ca/mailman/listinfo/speakup -- Janina Sajka, Chair Accessibility Workgroup Free Standards Group (FSG) janina at freestandards.org Phone: +1 202.494.7040