| View previous topic :: View next topic |
| Author |
Message |
dAlexis
n00b
Joined: 18 Apr 2004
Posts: 63
Location: Moscow region,Russia
|
 Posted: Sun Nov 06, 2005 10:38 am Post subject: Setting up global routing to PPTP(provider) with LAN alive |
 |
|
I have a router (cheap D-Link) with two machines after it. Approx. config - just for possible future samples:
Let it be Internal lan 192.168.0.1(router), machine 192.168.0.2, Wan router address (PPTP provider) - 172.16.0.2, Provider's PPTP server - 80.0.0.1
PPTP link is up, no problems with MS-server auth. (provider is brainy enough, and not using it) , But! When I'm routing all traffic in the tunnel, LAN is unavailable  It's understandable indeed, but how to set up routing to use both tunnel and LAN? Tell me about RTFM, if present, but I was looking for it. "Routing all" was found nearly in 1 min, but no sample for routing "all, but something". |
|
| Back to top |
|
 |
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Sun Nov 06, 2005 7:53 pm Post subject: |
|
|
Do you mean you have set up a second, separate LAN behind your WAN router ?
Then you simply have to route the traffic for that back to the 192.168.0.1 router - if your WAN router supports that.
If not, you can NAT the traffic behind the LAN router.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
dAlexis
n00b
Joined: 18 Apr 2004
Posts: 63
Location: Moscow region,Russia
|
| Posted: Mon Nov 07, 2005 5:45 pm Post subject: |
|
|
| adaptr wrote: | | Do you mean you have set up a second, separate LAN behind your WAN router ? |
Yes, exactly! 192.168.* - own LAN, 172.16.* - provider's lan. It's not "WAN" itself, but only a channel to it.
| Quote: | Then you simply have to route the traffic for that back to the 192.168.0.1 router - if your WAN router supports that.
If not, you can NAT the traffic behind the LAN router. |
D-Link DI-604 - highly "advanced" router indeed.  It's supporting only something, but not "routing back". Of course, this router can support PPTP, but I'm afraid, that it may be cracked ("what do you want for your 30$"). I don't want to loose INET password in cracked router indeed.
Please, point me to the NAT RTFM, matching my case, if possible - there are several NAT possibilities. I was using only dialup before and not familiar with better channels.
_________________
"The Matrix has you!" - "Let it be...." |
|
| Back to top |
|
|
adaptr
Watchman
Joined: 06 Oct 2002
Posts: 6730
Location: Rotterdam, Netherlands
|
| Posted: Tue Nov 08, 2005 9:57 pm Post subject: |
|
|
Not really.
For a simple "I don't care, just NAT me" solution there is Rusty's tried-and-true one-line NAT config:
| Code: | | iptables -A POSTROUTING -o $EXT_IF -j MASQUERADE |
Replace $EXT_IF with the interface that faces the primary LAN, and it will NAT everything behind the secondary LAN to that interface's address.
This causes the WAN router to route everything destined for the secondary LAN back to the Gentoo box, which will deal with un-NATting the traffic again.
Make sure you enable packet forwarding on the gentoo box.
_________________
>>> emerge (3 of 7) mcse/70-293 to /
Essential tools: gentoolkit eix profuse screen |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
