[nmglug] ftp over vpn,

Ed Brown ebrown at lanl.gov
Thu Jul 7 12:15:57 PDT 2005 

With the Cisco vpn client, 'route' doesn't reflect the new route
info, but that may be unique to Cisco's client, because it uses a kernel
module (and precludes the vpnclient machine from becoming a gateway to
other networks).  This probably isn't the case for vpnc, since it is all
userspace. 

Anyway, it's clear that the vpn tunnel isn't being set up.  There should
be a 'tun0' network device, iirc.  There has to be support for this
device compiled in the kernel, maybe it's not in yours?  I'm surprised
you see a running process, and not some errors when starting up,
possibly in the logs?

It's been a few months since I tried vpnc out, will give it a try again
tonight or this weekend to see if it leads to any other ideas.  

-Ed  

On Thu, 2005-07-07 at 12:35, Andres Paglayan wrote:
> route display
> #> route
> Kernel IP routing table
> Destination     Gateway         Genmask         Flags Metric Ref    Use 
> Iface
> 192.168.1.0     *               255.255.255.0   U     0      0        0 eth0
> default         192.168.1.1     0.0.0.0         UG    0      0        0 eth0
> 
> I can't ping the ftp server.
> 
> I can ping the gateway,
> 
> ifconfig
> eth0      Link encap:Ethernet  HWaddr 00:0C:6E:3A:71:1C 
>           inet addr:192.168.1.7  Bcast:192.168.1.255  Mask:255.255.255.0
>           inet6 addr: fe80::20c:6eff:fe3a:711c/64 Scope:Link
>           UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>           RX packets:38143876 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:60724772 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:1000
>           RX bytes:3624853639 (3.3 GiB)  TX bytes:3787164031 (3.5 GiB)
>           Interrupt:20 Base address:0x8000
> 
> lo        Link encap:Local Loopback 
>           inet addr:127.0.0.1  Mask:255.0.0.0
>           inet6 addr: ::1/128 Scope:Host
>           UP LOOPBACK RUNNING  MTU:16436  Metric:1
>           RX packets:42430 errors:0 dropped:0 overruns:0 frame:0
>           TX packets:42430 errors:0 dropped:0 overruns:0 carrier:0
>           collisions:0 txqueuelen:0
>           RX bytes:24845276 (23.6 MiB)  TX bytes:24845276 (23.6 MiB)
> 
> 
> Ed Brown wrote:
> 
> >Not sure what you mean by 'route display'...   Can you ping the ftp
> >server ip address?  Can you ping the vpn gateway address?  What does
> >'ifconfig' show?
> >
> >
> >On Thu, 2005-07-07 at 11:51, Andres Paglayan wrote:
> >  
> >
> >>Im sure it reads the conf file, if I take the password off it will prompt,
> >>but after running vpnc-connect there is no change at all in the route 
> >>display,
> >>will check again with them what I should enter in the .conf file,
> >>Thank you very much for your feed-back
> >>
> >>
> >>Ed Brown wrote:
> >>
> >>    
> >>
> >>>Andres,
> >>>
> >>>The vpnc-connect script should handle setting up the routing info for
> >>>you, once your configuration file is correct.  (Take a look at the last
> >>>few lines of vpnc-connect, there are probably several 'route' commands.)
> >>>
> >>>After running vpnc-connect, just try this to see if you are really
> >>>connected:
> >>>ping ip.of.ftp.server
> >>>
> >>>I wonder if the 'default.conf' file is being consulted: that might just
> >>>be a starting point conf file.  You might try renaming your edited
> >>>version of 'default.conf' to 'vpnc.conf'.  At least that's what the
> >>>config file was called when I was trying out vpnc.
> >>>
> >>>-Ed   
> >>>
> >>>On Thu, 2005-07-07 at 10:47, Andres Paglayan wrote:
> >>> 
> >>>
> >>>      
> >>>
> >>>>well, you might hit the nail,
> >>>>I did configure /etc/vpnc/default.conf according to the settings I got 
> >>>>        
> >>>>
> >>>>from them,
> >>>      
> >>>
> >>>>I run vpnc-connect script and it shows running in the background.
> >>>>I tried the
> >>>>route add ftp.server.ip ws the.vpn.ip
> >>>>and it says
> >>>>SIOCADDRT: Network is unreachable
> >>>>so I must be missing somethin in the use of vpnc
> >>>>   
> >>>>
> >>>>        
> >>>>
> >>>
> >>>_______________________________________________
> >>>nmglug mailing list
> >>>nmglug at nmglug.org
> >>>http://www.nmglug.org/mailman/listinfo/nmglug
> >>>
> >>>
> >>> 
> >>>
> >>>      
> >>>
> >>_______________________________________________
> >>nmglug mailing list
> >>nmglug at nmglug.org
> >>http://www.nmglug.org/mailman/listinfo/nmglug
> >>    
> >>
> >
> >
> >_______________________________________________
> >nmglug mailing list
> >nmglug at nmglug.org
> >http://www.nmglug.org/mailman/listinfo/nmglug
> >
> >
> >  
> >
> 
> 
> _______________________________________________
> nmglug mailing list
> nmglug at nmglug.org
> http://www.nmglug.org/mailman/listinfo/nmglug

More information about the nmglug mailing list