Bind IPs are wrong
6 views
Skip to first unread message
Jaaz
Sep 17, 2009, 3:32:31 PM9/17/09
to LeapingBytesAlmostVPN
I'm new to AlmostVPN and I'm wondering if it can do the following. I
didn't see the answer in any part of the home site...
When I read the project's description I think it says that it
generates a local IP/interface binding for each host. But when I try
this I see something like what would be the result of: # ifconfig lo0
alias 169.245.0.2 (and ...0.3) despite that I'm using 192.168.20.x for
my hosts.
First off, I can setup this manually with ssh: Lets say my internal
lan network address is 145.100.50.0. I have a host "remote" inside
my LAN at 145.100.50.1, and it's running virtualnamehosts on eth0:1
and eth0:2 plumbed with192.168.20.101 and 192.168.20.102. (My scenario
is that I need to reach several hosts behind the tunnel, each with
different SSL configs).
After adding the 192.168.20.* hosts to /etc/hosts, adding two
interfaces to the network config with these IPs, and finally running:
# ifconfig lo0 alias 192.168.20.101
# ifconfig lo0 alias 192.168.20.102
I then run:
# ssh -L 192.168.20.101:443:192.168.20.101:443 -L
192.168.20.102:443:192.168.20.102:443 root@remote
And viola! I can connect to these two hosts and everything works
great. (Btw, this all over a cellular ev-do card and Cisco VPN.)
But I really like the nice GUI you've created, so can this be done
with AVPN? Does anyone know why the 169.245.x.x addresses are being
aliased to lo0? (the Verizon network is 75.x.x.x and traceroute shows
no networks numbered like this).
PS, using command-line ssh I can just as well use dummy IPs for these
two hosts, like 10.0.0.1 & 10.0.0.2, but it seems then AVPN would need
to be able specify the local alias binding IP for each host+port
tunnel.
Any advice is much appreciated!
didn't see the answer in any part of the home site...
When I read the project's description I think it says that it
generates a local IP/interface binding for each host. But when I try
this I see something like what would be the result of: # ifconfig lo0
alias 169.245.0.2 (and ...0.3) despite that I'm using 192.168.20.x for
my hosts.
First off, I can setup this manually with ssh: Lets say my internal
lan network address is 145.100.50.0. I have a host "remote" inside
my LAN at 145.100.50.1, and it's running virtualnamehosts on eth0:1
and eth0:2 plumbed with192.168.20.101 and 192.168.20.102. (My scenario
is that I need to reach several hosts behind the tunnel, each with
different SSL configs).
After adding the 192.168.20.* hosts to /etc/hosts, adding two
interfaces to the network config with these IPs, and finally running:
# ifconfig lo0 alias 192.168.20.101
# ifconfig lo0 alias 192.168.20.102
I then run:
# ssh -L 192.168.20.101:443:192.168.20.101:443 -L
192.168.20.102:443:192.168.20.102:443 root@remote
And viola! I can connect to these two hosts and everything works
great. (Btw, this all over a cellular ev-do card and Cisco VPN.)
But I really like the nice GUI you've created, so can this be done
with AVPN? Does anyone know why the 169.245.x.x addresses are being
aliased to lo0? (the Verizon network is 75.x.x.x and traceroute shows
no networks numbered like this).
PS, using command-line ssh I can just as well use dummy IPs for these
two hosts, like 10.0.0.1 & 10.0.0.2, but it seems then AVPN would need
to be able specify the local alias binding IP for each host+port
tunnel.
Any advice is much appreciated!
Jaaz
Sep 17, 2009, 3:39:51 PM9/17/09
to LeapingBytesAlmostVPN
Wouldn't you know it. Just as soon as I posted I found the reason it
wasn't working. I hadn't unchecked the "Automatic Alias Address" on
the Alias Host configure screen (where the host is copied under the
profile).
When unchecked, the alias now matches the host IP!
:)
wasn't working. I hadn't unchecked the "Automatic Alias Address" on
the Alias Host configure screen (where the host is copied under the
profile).
When unchecked, the alias now matches the host IP!
:)
andrei....@gmail.com
Sep 17, 2009, 3:47:16 PM9/17/09
to LeapingBytesAlmostVPN
AVPN uses IP range 169.245.x.x in order to avoid collision with any
"REAL" IP addresses. This particular range defined as "link local"
block and almost guarantied not to be in use in "properly" configured
network (http://tools.ietf.org/html/rfc3330).
Why are you concern about it at all? This is "normal" behavior for
AVPN. Do you think that it cause any particular problems?
Andrei
Leaping Bytes, LLC
"REAL" IP addresses. This particular range defined as "link local"
block and almost guarantied not to be in use in "properly" configured
network (http://tools.ietf.org/html/rfc3330).
Why are you concern about it at all? This is "normal" behavior for
AVPN. Do you think that it cause any particular problems?
Andrei
Leaping Bytes, LLC
Jaaz
Sep 17, 2009, 5:09:07 PM9/17/09
to LeapingBytesAlmostVPN
> Why are you concern about it at all? This is "normal" behavior for
> AVPN. Do you think that it cause any particular problems?
because my tunnels didn't work until I unchecked it and let the
192.168.20.x addrs be used. Also, I don't so this type of thing often
and I was unaware of standards in use like this.
Thanks for explaining this, and what a super nice tool! :)
Reply all
Reply to author
Forward
0 new messages