Racoon configuration

runt

2[H]4U
Joined
Mar 16, 2000
Messages
2,443
I currently have a Linux box at home running as my DHCP/DNS/OpenVPN/IPSec VPN/etc server. The IPSec VPN Server is Racoon, however so far I have only been able to get it to hand out addresses in the 10.8.1.1-255 subnet when my normal subnet is 172.16.6.1-255. Problem with this is I cannot access any other machines on my network (like my server's RAC). How do I configure Racoon to hand out a specific range of IPs, say from 172.16.6.80-89 (not handed out by my DHCP server)?
 
It could very well be a route I'm missing, but I have no clue what that route should be. I've tried
Code:
route add -net 10.8.1.0 netmask 255.0.0.0 dev eth0
But it still doesn't allow me to access other IPs. I'm guessing it's because I don't have a gateway, but I don't want to screw it up right now.

Route w/ one client shows the following.
Code:
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.2        *               255.255.255.255 UH    0      0        0 tun0
172.16.6.0      *               255.255.255.0   U     0      0        0 br0
10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
link-local      *               255.255.0.0     U     1003   0        0 br0
default         h001.mccloud.lo 0.0.0.0         UG    0      0        0 br0
 
I can add the route from 10.8.1.0 to 172.16.6.0 just fine, but I can't go the other way for some reason.


Code:
[shaun@hda ~]$ sudo route add -net 10.8.1.0 netmask 255.255.255.0 gw 172.16.6.1
[sudo] password for shaun:
[shaun@hda ~]$ sudo route add -net 172.16.6.0 netmask 255.255.255.0 gw 10.8.1.1
SIOCADDRT: No such process
[shaun@hda ~]$ route
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.2        *               255.255.255.255 UH    0      0        0 tun0
172.16.6.0      *               255.255.255.0   U     0      0        0 br0
10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0
10.8.1.0        h001.mccloud.lo 255.255.255.0   UG    0      0        0 br0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
link-local      *               255.255.0.0     U     1003   0        0 br0
default         h001.mccloud.lo 0.0.0.0         UG    0      0        0 br0
 
Could part of the issue be that Racoon doesn't create a device at all? OpenVPN does but there is nothing for Racoon. Here is my ifconfig output
Code:
br0       Link encap:Ethernet  HWaddr 2C:76:8A:AD:EF:B0
          inet addr:172.16.6.3  Bcast:172.16.6.255  Mask:255.255.255.0
          inet6 addr: fe80::2e76:8aff:fead:efb0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:31217026 errors:0 dropped:0 overruns:0 frame:0
          TX packets:17230281 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:33558624017 (31.2 GiB)  TX bytes:31590418939 (29.4 GiB)

eth0      Link encap:Ethernet  HWaddr 2C:76:8A:AD:EF:B0
          inet6 addr: fe80::2e76:8aff:fead:efb0/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:52495080 errors:0 dropped:0 overruns:0 frame:0
          TX packets:47052383 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000
          RX bytes:65532537016 (61.0 GiB)  TX bytes:33487619345 (31.1 GiB)
          Interrupt:18

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0
          inet6 addr: ::1/128 Scope:Host
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:7182464 errors:0 dropped:0 overruns:0 frame:0
          TX packets:7182464 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:40843678608 (38.0 GiB)  TX bytes:40843678608 (38.0 GiB)

tun0      Link encap:UNSPEC  HWaddr 00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
          inet addr:10.8.0.1  P-t-P:10.8.0.2  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1338 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:0 (0.0 b)  TX bytes:235369 (229.8 KiB)

virbr0    Link encap:Ethernet  HWaddr 3E:DF:E7:ED:90:89
          inet addr:192.168.122.1  Bcast:192.168.122.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:0 errors:0 dropped:0 overruns:0 frame:0
          TX packets:37126 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0
          RX bytes:0 (0.0 b)  TX bytes:5192855 (4.9 MiB)

vnet0     Link encap:Ethernet  HWaddr FE:54:00:0A:64:F6
          inet6 addr: fe80::fc54:ff:fe0a:64f6/64 Scope:Link
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:10516110 errors:0 dropped:0 overruns:0 frame:0
          TX packets:20856296 errors:0 dropped:0 overruns:91 carrier:0
          collisions:0 txqueuelen:500
          RX bytes:597510604 (569.8 MiB)  TX bytes:31269796401 (29.1 GiB)
br0 is my Linux KVM bridge/main IP for the box, tun0-00 is my OpenVPN tunnel, virbr0 is for NATted Linux KVM VMs & vnet0 is for Linux KVM VMs w/o access to anything else on my network. So far, only br0 is used for a VM (it is only a HP MicroServer N40L so it doesn't have lots of spare CPU time).
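The "SIOCADDRT: No such process" error in the second transcript is the kernel rejecting a next-hop it cannot reach: when you add a route via a gateway, that gateway address must itself fall inside a directly connected network (a route without the G flag, i.e. a "*" gateway), which is why gw 172.16.6.1 (inside 172.16.6.0/24 on br0) is accepted and gw 10.8.1.1 (only reachable through another gateway) is refused. The script below is an added example, not the poster's code: it parses the routing table from the post (embedded here as a constructed sample) and applies that rule to a proposed `route add`, and also flags the earlier `10.8.1.0 netmask 255.0.0.0` pair, whose host bits do not fit the mask. The function names `parse_route_table`, `explain_route_add` and `normalized_network` are this example's own.

```python
import ipaddress

# Constructed sample: the kernel routing table from the post, exactly as
# `route` printed it after the successful "route add ... gw 172.16.6.1".
ROUTE_OUTPUT = """\
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.8.0.2        *               255.255.255.255 UH    0      0        0 tun0
172.16.6.0      *               255.255.255.0   U     0      0        0 br0
10.8.0.0        10.8.0.2        255.255.255.0   UG    0      0        0 tun0
10.8.1.0        h001.mccloud.lo 255.255.255.0   UG    0      0        0 br0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
link-local      *               255.255.0.0     U     1003   0        0 br0
default         h001.mccloud.lo 0.0.0.0         UG    0      0        0 br0
"""

# Names `route` substitutes for well-known destinations.
_SPECIAL = {"default": "0.0.0.0", "link-local": "169.254.0.0"}


def parse_route_table(text):
    """Return a list of (network, is_link_route, iface) tuples.

    A route whose Flags lack 'G' is directly connected: packets for it go
    straight out the interface, so any host inside it is a valid next-hop.
    """
    routes = []
    for line in text.splitlines()[2:]:          # skip the two header lines
        fields = line.split()
        if len(fields) < 8:
            continue
        dest, mask, flags, iface = fields[0], fields[2], fields[3], fields[7]
        net = ipaddress.IPv4Network((_SPECIAL.get(dest, dest), mask), strict=False)
        routes.append((net, "G" not in flags, iface))
    return routes


def explain_route_add(text, dest_cidr, gateway):
    """Mimic the kernel's next-hop check for `route add -net DEST gw GATEWAY`.

    Returns an 'ok: ...' string when GATEWAY lies on a directly connected
    network, otherwise the same error the kernel reports, with the reason.
    """
    gw = ipaddress.IPv4Address(gateway)
    routes = parse_route_table(text)
    onlink = [(n, i) for n, link, i in routes if link and n.prefixlen > 0 and gw in n]
    if onlink:
        net, iface = max(onlink, key=lambda r: r[0].prefixlen)   # longest match
        return f"ok: {dest_cidr} via {gateway} ({gateway} is on-link through {net} on {iface})"
    via_gw = [n for n, link, _ in routes if not link and n.prefixlen > 0 and gw in n]
    hint = f"; {gateway} is only reachable through another gateway ({via_gw[0]})" if via_gw else ""
    return f"SIOCADDRT: No such process ({gateway} is not on any directly connected network{hint})"


def normalized_network(dest, mask):
    """Return (network, host_bits_set) for a -net/netmask pair.

    'route add -net 10.8.1.0 netmask 255.0.0.0' mixes a /24-style address
    with a /8 mask: the bits 8.1 are host bits under that mask, and
    net-tools `route` rejects the pair ("netmask doesn't match route address")
    rather than silently installing 10.0.0.0/8.
    """
    net = ipaddress.IPv4Network((dest, mask), strict=False)
    return net, str(net.network_address) != dest


if __name__ == "__main__":
    print(explain_route_add(ROUTE_OUTPUT, "10.8.1.0/24", "172.16.6.1"))
    print(explain_route_add(ROUTE_OUTPUT, "172.16.6.0/24", "10.8.1.1"))
    print(normalized_network("10.8.1.0", "255.0.0.0"))
    print(normalized_network("10.8.1.0", "255.255.255.0"))
```

Run it with a fresh `route -n` pasted into `ROUTE_OUTPUT` to test any proposed route before touching the live table. Note also that Racoon negotiates IPsec SAs that the kernel applies through its security policy database, so there is no tun-style interface for IPsec peers the way OpenVPN has tun0; a route for the addresses handed to IPsec clients therefore needs a next-hop that already satisfies the on-link rule above.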