[YLUG] VPN

Patrick Dupre pd520 at york.ac.uk
Sat Jul 18 10:07:20 UTC 2009 

On Sat, 18 Jul 2009, john halewood wrote:

> 2009/7/18 Patrick Dupre <pd520 at york.ac.uk>:
>> ping 213.205.96.91 does not respond any more,
>> a ssh (back) on my machine does not work: eschyle.homedns.org (or
>> 86.10.230.254)
>> Destination     Gateway         Genmask         Flags   MSS Window  irtt
>> Iface
>> 0.0.0.0         0.0.0.0         0.0.0.0         U         0 0          0
>> ppp0
> Typical VPN scenario - your default gateway after setting up the VPN
> is to route all packets via the VPN iself, so your machine is
> effectively inside the campus network, and all attempts to get to the
> outside world will be subject to the campus firewall rules. I've had
> this trouble in the past when setting up a VPN for a remote office in
> Germany just so they could use a single application on a server in the
> UK. Unfortunately, when they tried to use other apps (e.g. web
> browser) it was horribly slow because the web traffic went up the VPN
> out through the UK and then all the way back again. If all you want to
> access via the VPN is apps on campus, then manipulate the routing
> table to add the campus network via ppp0 and reinstate the default
> (0.0.0.0) to go back through eth0. If you're running an X session over
> the VPN you won't notice the difference, but it can cause problems in
> other ways. Routing tables aren't by default that clever.

Thank for the information.
THis is what I have done:
I have a fedora 10 machine.
I use Network connection to open the connection (the previous setting was
obtained by the default setting). Then I edit the route and set (add)
144.32.196.175 255.255.255.255 192.168.0.1 and check ignore automatically
obtained routes. make the connection, and I get:
144.32.196.175  192.168.0.1     255.255.255.255 UGH       0 0      0  ppp0
144.32.196.175  192.168.0.1     255.255.255.255 UGH       0 0      0  eth0
192.168.0.1     0.0.0.0         255.255.255.255 UH        0 0      0  ppp0
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0      0  eth0
0.0.0.0         0.0.0.0         0.0.0.0         U         0 0      0  ppp0

which is still not good (I cannot make a ping 213.205.96.91).

Than I try to get (by adding and deleting routes)
144.32.196.175  192.168.0.1     255.255.255.255 UGH       0 0          0 ppp0
192.168.0.0     0.0.0.0         255.255.255.0   U         0 0          0 eth0
0.0.0.0         192.168.0.1     0.0.0.0         UG        0 0          0 eth0

But it does break the vpn connection

Which routes should a get exactly ?

Thank

>
> cheers
> john
> (back out of hospital which is why I've been a bit quiet recently)
>
> _______________________________________________
> York mailing list
> York at lists.lug.org.uk
> https://mailman.lug.org.uk/mailman/listinfo/york
>

-- 
---
==========================================================================
  Patrick DUPRÉ                      |   |
  Department of Chemistry            |   |    Phone: (44)-(0)-1904-434384
  The University of York             |   |    Fax:   (44)-(0)-1904-432516
  Heslington                         |   |
  York YO10 5DD  United Kingdom      |   |    email: pd520 at york.ac.uk
==========================================================================

More information about the York mailing list