[prev in list] [next in list] [prev in thread] [next in thread]
List: fwknop-discuss
Subject: Re: [Fwknop-discuss] fwknopd and OpenVPN tunnel
From: Jonathan Bennett <jbscience87 () gmail ! com>
Date: 2017-12-03 21:41:09
Message-ID: CAB-pspdheJ++31+a0uAjvcnv6Wh8-3Dt79rh-=6zT5ymdmvAeQ () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (multipart/alternative)]
I'll also add that Barrier Breaker is ancient now. You might look at the
latest Lede release, as it has packages for up to date fwknop.
On Sun, Dec 3, 2017, 3:28 PM Michael Rash <michael.rash@gmail.com> wrote:
> On Sun, Dec 3, 2017 at 11:13 AM, Thomas Link <link@gmx.de> wrote:
>
>> Hi all,
>>
>> =EF=BB=BF
>>
>> I'm running an OpenWRT (Barrier Breaker) Internet router on a broadband
>> connection providing Dual stack light IPv6. I require access to my netwo=
rk
>> based on IPv4, therefor I'm using a service provider to provide an stati=
c
>> IPv4 address which connects via an OpenVPN tunnel via IPv6 to my interne=
t
>> router.
>>
>>
>> I was planning to use fwknopd (running on OpenWRT) to allow SSH access t=
o
>> some internal hosts I configured fwknopd to monitor tun0, , but I can't =
get
>> it work.
>>
>
> I haven't tried monitoring an interface like tun0, but I wonder if there
> might be an issue detecting the link type assuming you are using fwknopd =
in
> pcap mode (instead of UDP only mode). If you run fwknopd manually with
> 'fwknopd -i tun0 -v -f' and you send a SPA packet, does fwknopd seem to s=
ee
> it?
>
> Thanks,
>
> --Mike
>
>
>
>>
>> Is this kind of setup, when fwknopd is supposed to detect an SPA incomin=
g
>> from an establied OpenVPN tunnel supposed to work? Or even better has
>> someone already get it working and may point me in the right direction?
>>
>>
>> Regards
>>
>> Thomas
>>
>>
>> ------------------------------------------------------------------------=
------
>> Check out the vibrant tech community on one of the world's most
>> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
>> _______________________________________________
>> Fwknop-discuss mailing list
>> Fwknop-discuss@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
>>
>>
> -------------------------------------------------------------------------=
-----
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Fwknop-discuss mailing list
> Fwknop-discuss@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
>
[Attachment #5 (text/html)]
<p dir="ltr">I'll also add that Barrier Breaker is ancient now. You might look \
at the latest Lede release, as it has packages for up to date fwknop.</p> <br><div \
class="gmail_quote"><div dir="ltr">On Sun, Dec 3, 2017, 3:28 PM Michael Rash <<a \
href="mailto:michael.rash@gmail.com">michael.rash@gmail.com</a>> \
wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 \
.8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div \
class="gmail_extra"><div class="gmail_quote">On Sun, Dec 3, 2017 at 11:13 AM, Thomas \
Link <span dir="ltr"><<a href="mailto:link@gmx.de" \
target="_blank">link@gmx.de</a>></span> wrote:<br><blockquote class="gmail_quote" \
style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><u></u>
<div>
<p style="padding:0;margin:0"><span \
id="m_-8722574442647834045m_-801514418197761640_mce_caret"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif">Hi \
all,</span></span></p><p style="padding:0;margin:0" \
id="m_-8722574442647834045m_-801514418197761640dirtyP"><span \
id="m_-8722574442647834045m_-801514418197761640_mce_caret"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif"><br></span></span></p><p \
style="padding:0;margin:0"><span \
id="m_-8722574442647834045m_-801514418197761640_mce_caret"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif">I'm running \
an OpenWRT (Barrier Breaker) Internet router on a broadband connection providing Dual \
stack light IPv6. I require access to my network based on IPv4, therefor I'm \
using a service provider to provide an static IPv4 address which connects via an \
OpenVPN tunnel via IPv6 to my internet router.</span></span></p><p \
style="padding:0;margin:0"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif"><br></span></p><p \
style="padding:0;margin:0"><span \
id="m_-8722574442647834045m_-801514418197761640_mce_caret"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif">I was planning \
to use fwknopd (running on OpenWRT) to allow SSH access to some internal hosts I \
configured fwknopd to monitor tun0, , but I can't get it \
work.</span></span></p></div></blockquote><div><br></div></div></div></div><div \
dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div>I haven't tried \
monitoring an interface like tun0, but I wonder if there might be an issue detecting \
the link type assuming you are using fwknopd in pcap mode (instead of UDP only mode). \
If you run fwknopd manually with 'fwknopd -i tun0 -v -f' and you send a SPA \
packet, does fwknopd seem to see \
it?</div><div><br></div><div>Thanks,</div><div><br></div><div>--Mike</div></div></div></div><div \
dir="ltr"><div class="gmail_extra"><div class="gmail_quote"><div><br></div><div> \
</div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc \
solid;padding-left:1ex"><div><p style="padding:0;margin:0"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif"><br></span></p><p \
style="padding:0;margin:0"><span \
id="m_-8722574442647834045m_-801514418197761640_mce_caret"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif">Is this kind of \
setup, when fwknopd is supposed to detect an SPA incoming from an establied OpenVPN \
tunnel supposed to work? Or even better has someone already get it working and may \
point me in the right direction?<br></span></span></p><p \
style="padding:0;margin:0"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif"><br></span></p><p \
style="padding:0;margin:0"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif">Regards</span></p><span \
class="m_-8722574442647834045HOEnZb"><font color="#888888"><p \
style="padding:0;margin:0"><span \
style="font-size:10pt;font-family:tahoma,arial,helvetica,sans-serif">Thomas</span></p>
</font></span></div>
<br>------------------------------------------------------------------------------<br>
Check out the vibrant tech community on one of the world's most<br>
engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" \
rel="noreferrer" target="_blank">http://sdm.link/slashdot</a><br>_______________________________________________<br>
Fwknop-discuss mailing list<br>
<a href="mailto:Fwknop-discuss@lists.sourceforge.net" \
target="_blank">Fwknop-discuss@lists.sourceforge.net</a><br> <a \
href="https://lists.sourceforge.net/lists/listinfo/fwknop-discuss" rel="noreferrer" \
target="_blank">https://lists.sourceforge.net/lists/listinfo/fwknop-discuss</a><br> \
<br></blockquote></div></div></div>
------------------------------------------------------------------------------<br>
Check out the vibrant tech community on one of the world's most<br>
engaging tech sites, Slashdot.org! <a href="http://sdm.link/slashdot" \
rel="noreferrer" target="_blank">http://sdm.link/slashdot</a>_______________________________________________<br>
Fwknop-discuss mailing list<br>
<a href="mailto:Fwknop-discuss@lists.sourceforge.net" \
target="_blank">Fwknop-discuss@lists.sourceforge.net</a><br> <a \
href="https://lists.sourceforge.net/lists/listinfo/fwknop-discuss" rel="noreferrer" \
target="_blank">https://lists.sourceforge.net/lists/listinfo/fwknop-discuss</a><br> \
</blockquote></div>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Fwknop-discuss mailing list
Fwknop-discuss@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/fwknop-discuss
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic