Scheduled Maintenance: We are aware of an issue with Google, AOL, and Yahoo services as email providers which are blocking new registrations. We are trying to fix the issue and we have several internal and external support tickets in process to resolve the issue. Please see: viewtopic.php?t=158230
Hello all,
I've set up a server with a public IP to connect to a VPN server via L2TP/IPsec, the configuration is ok and the connection works. The VPN server assigns to my server addresses like 192.168.6.A.
Now I have to connect to a machine under the VPN that has address like 192.168.X.Y (X is not 6), so first of all I tried to ping it and these are the results:
ping -c 3 192.168.X.Y --> all packets loss
ping -c 3 -I 192.168.6.A 192.168.X.Y --> all packets loss
ping -c 3 -I ppp0 192.168.X.Y --> all packets received
I read on the internet that I have to change the deafult route (the command is: route add default dev ppp0) but I can't because eth0 address is public so I imagine the best solution is to create a forward between ppp0 and eth0.
Forwarding and masquerading have nothing to do with this. It is a routing issue.
You must add a route to the destination address or prefix using the VPN interface.
This route is not persistent and will be removed when the interface comes down.
It can be added automatically by a script in /etc/ppp/ip-up.d/ when the interface comes up.
p.H wrote:Forwarding and masquerading have nothing to do with this. It is a routing issue.
You must add a route to the destination address or prefix using the VPN interface.
This route is not persistent and will be removed when the interface comes down.
It can be added automatically by a script in /etc/ppp/ip-up.d/ when the interface comes up.
Yeah!! It worked, thank you very much
Just another question: to add this permanently, is the procedure below the right one?
No.
1) The /etc/ppp/ip-up.d directory should already exist as it is part of the ppp package.
2) Scripts in /etc/ppp/ip-up.d are executed by /etc/ppp/ip-up using run-parts. run-parts has restrictions on files it executes. For example file names containing periods "." are ignored. See the run-parts man page for details.
3) Some parameters are passed to the scripts as command line arguments and environment variables. They include the PPP interface name, the local and remote IP addresses and the value of the "ipparam" option defined in the pppd config. See in the /etc/ppp/ip-up script for details.
As the scripts are run for any PPP connection, I recommend to
- set the ipparam option in the specific pppd config to a unique value and check that value in $PPP_IPPARAM ;
- use $PPP_IFACE containing the PPP interface name in the route creation command.
p.H wrote:No.
1) The /etc/ppp/ip-up.d directory should already exist as it is part of the ppp package.
2) Scripts in /etc/ppp/ip-up.d are executed by /etc/ppp/ip-up using run-parts. run-parts has restrictions on files it executes. For example file names containing periods "." are ignored. See the run-parts man page for details.
3) Some parameters are passed to the scripts as command line arguments and environment variables. They include the PPP interface name, the local and remote IP addresses and the value of the "ipparam" option defined in the pppd config. See in the /etc/ppp/ip-up script for details.
As the scripts are run for any PPP connection, I recommend to
- set the ipparam option in the specific pppd config to a unique value and check that value in $PPP_IPPARAM ;
- use $PPP_IFACE containing the PPP interface name in the route creation command.
I read all your suggestions and I finally found what I needed. Here the right procedure:
Do you know what exec does ?
It replaces the shell executing the script with the specified command in the same process. When it terminates, it does not return to the script execution.
Without exec, the command is executed in a child process. When it terminates, the script execution is resumed.