[GRLUG] VPN Help [Routing]

Adam Tauno Williams awilliam at whitemice.org
Mon Aug 5 05:19:44 EDT 2013


On Sun, 2013-08-04 at 15:38 -0500, L. V. Lammert wrote:
> Seems like it should be simple, but what I cannot get straight in my mind
> is how a user at the remote site (192.168.2.0) would connect to an IP at
> the main office (192.167.1.149). Seems like there has to be a specific
> forward setup in the remote router, but I can't figure that out from
> the config screens.

Use a /30 subnet for the tunnel end-points and something convenient like
a /24 for each end.  The default gateway on both sides will need a route
to the other end's sub-net.  If you have only two sites you can do this
with static routes.

But I'd recommend setting up a routing protocol if you don't already
have one.  Quagga/Zebra is packaged on most LINUX distributions and
works very well.  RIP is trivial to configure.  If you run a ripd on
each of your servers then they will all know how to get everywhere on
your LAN/WAN, rather than relying on redirects from the default gateway.
Just make sure you configure it to use RIP protocol version 2 so that
the variably subnetted ranges work; RIP version 1 only understands the
old-fashioned classed ranges [among other shortcomings].
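
The RIP version point in the message above, as an added example that is not part of the original post: it packs the same two routes into a RIP response in each version and shows which prefixes a receiver can install. The addresses (a 10.255.0.0/30 tunnel, a 192.168.2.0/24 site) and the function names are constructed for illustration, and the version 1 receiver is simplified to the class-based fallback only.

```python
import ipaddress
import struct

def classful_prefixlen(addr):
    """Prefix length implied by the old address classes (A=/8, B=/16, C=/24)."""
    first_octet = int(addr) >> 24
    if first_octet < 128:
        return 8
    if first_octet < 192:
        return 16
    return 24

def build_response(version, routes):
    """Pack a RIP response (command 2). A version 1 entry has no mask field in use."""
    pkt = struct.pack("!BBH", 2, version, 0)
    for prefix, metric in routes:
        net = ipaddress.ip_network(prefix)
        mask = int(net.netmask) if version == 2 else 0  # v1: field must be zero
        # Entry layout: AFI, route tag, address, mask, next hop, metric (20 bytes)
        pkt += struct.pack("!HHIIII", 2, 0, int(net.network_address), mask, 0, metric)
    return pkt

def routes_learned(pkt):
    """Return (prefix, metric) pairs a receiver would install from a response."""
    _cmd, version, _zero = struct.unpack_from("!BBH", pkt, 0)
    learned = []
    for off in range(4, len(pkt), 20):
        _afi, _tag, ip, mask, _nh, metric = struct.unpack_from("!HHIIII", pkt, off)
        if version == 2:
            plen = bin(mask).count("1")  # mask travels with the route
        else:
            # Simplified v1 receiver: no mask on the wire, so guess from the class
            plen = classful_prefixlen(ipaddress.IPv4Address(ip))
        net = ipaddress.ip_network((ip, plen), strict=False)
        learned.append((str(net), metric))
    return learned

# Constructed sample: one /24 site LAN and the /30 tunnel subnet
ADVERTISED = [("192.168.2.0/24", 1), ("10.255.0.0/30", 1)]

if __name__ == "__main__":
    for version in (1, 2):
        print("RIPv%d:" % version, routes_learned(build_response(version, ADVERTISED)))
```

Under version 1 the /24 survives only because it happens to match its class, while the /30 tunnel turns into a route for all of 10.0.0.0/8.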




