So I've had this working for some time now, but wanted to announce it to the
group. in case anyone wants to try.
I have a VPN router on vpn.w9cr.net
You can use an IP sec VPN dialer to connect to it and then get an IP out of a
/28 I have set aside for it. I don't mesh with the 44net ipip encap, but I
believe we have connectivity to that via the hamwan guys from Seattle.
I have no radius server or anything fancy, it's a crisco 1811 in my rack in tampa.
I've confirmed it works with the apple VPN dialer. carrar has it working under
windows with shrewsoft too.
If you want to test/play send me your callsign/name and a password
(numbers/letters/uppercase, no special char's), and I'll provision it and send
back the group ID and PSK.
73's
--
Bryan Fields
727-409-1194 - Voice
727-214-2508 - Fax
http://bryanfields.net
After completing a successful experiment that demonstrated just how easy it
can be to connect to amprnet without any need for a static public ip
address and by just a few peers working together I'm looking for interested
parties that may be interested in sharing the cost of a cloud based vpn
server which would then host a 44/24 netblock routed via bgp. use of
standard vpn tools makes this setup extremely easy and usable/compatable
with NAT firewalls, and standard dynamic routing protocols and tools make
things easy as well. I'd like to set this up based in the usa on plenty of
bandwidth. please speak up if you would be willing to share cost and help
make a go of this.
Eric
AF6EP
On 5/12/15 10:01 PM, Eric Fort wrote:
> I'd like to set this up based in the usa on plenty of
> bandwidth. please speak up if you would be willing to share cost and help
> make a go of this.
Eric,
I have some space and could probably figure out how to spin up a VM for you
here or just give you shell on a box. I'm collocated at 400 N Tampa which is
well connected to across multiple carriers.
Give me some details about what you're thinking. Will you be at Dayton?
--
Bryan Fields
727-409-1194 - Voice
727-214-2508 - Fax
http://bryanfields.net
Chris;
I tried to log on my account to do some notes and it says my account is
invalid...? Can you please double check and verify that it is still
valid? Thanks much!
--
The most difficult egg to beat is one that is hard boiled.
73 de Brian Rogers - N1URO
email: (see above)
Web: http://www.n1uro.net/
Ampr1: http://n1uro.ampr.org/
Ampr2: http://nos.n1uro.ampr.org
Linux Amateur Radio Services
axMail-Fax & URONode
http://uronode.sourceforge.nethttp://axmail.sourceforge.net
AmprNet coordinator for:
Connecticut, Delaware, Maine,
Maryland, Massachusetts,
New Hampshire, Pennsylvania,
Rhode Island, and Vermont.
Hello,
I recall some discussion on this a while back but don't remember if
there was a solution and can't find it in the archives ...
Is there a way to expire an announced encap route ? I'm trying to
concentrate all the UBC subnets back at our router there and an
experiment with 44.135.190/24 via another host isn't going away ... I
can purge it from the router itself but it looks like the rest of the
system is probably sending that subnet to the old (defunct) ip.
... Niall
Hello,
As someone new to the intricacies of port forwarding I have been puzzled
why I cannot maintain a connection when I have the entry shown below for
port 7300 active yet connections via port 6300 and 8000 work as
expected.
$IPTABLES -A FORWARD -d 44.131.8.0/27 -p tcp -m tcp --dport 6300:6310
-j ACCEPT
$IPTABLES -A FORWARD -d 44.131.8.0/27 -p tcp -m tcp --dport 7300:7310
-j ACCEPT
$IPTABLES -A FORWARD -d 44.131.8.0/27 -p tcp -m tcp --dport 8000:8011
-j ACCEPT
$IPTABLES -t nat -A PREROUTING -p tcp --dport 6300 -j DNAT
--to-destination 44.131.8.16:6300
#$IPTABLES -t nat -A PREROUTING -p tcp --dport 7300 -j DNAT
--to-destination 44.131.8.16:7300
$IPTABLES -t nat -A PREROUTING -p tcp --dport 8000 -j DNAT
--to-destination 44.131.8.16:8000
Placing a [ # ] as shown allows the connections.
Regards,
Ian..
A while ago Jason KY9J kindly sent me a copy of his script (which I have
since lost) to convert encap.txt to generate tunnels for a Cisco IOS
router.
Are you still subscribed to the list Jason or can anybody else help with
a copy of the script?
http://hamradio.ucsd.edu/mailman/private/44net/2012-November/000534.html
was the original thread.
Many thanks,
Nick G4IRX.
Whoever owns 44.131.160.1 you need to check your system configuration. It
cannot do anything with 255.255.255.255
Below what I am seeing
8:20:25.632390 IP 81.174.253.193 > 192.168.1.150: IP 44.131.160.1.5678 >
255.255.255.255.5678: UDP, length 120 (ipip-proto-4)
08:20:25.635667 IP 192.168.1.150 > 81.174.253.193: IP 44.135.90.2 >
44.131.160.1: ICMP host 255.255.255.255 unreachable, length 36
(ipip-proto-4)
--
cheers,
Don
- ve3zda
Could someone explain why the manual download of the gateways is different
than the what the portal shows?
A station had an ip address change yesterday and because I download daily I
manually changed to his new address. When the download took place this
morning his old address was sent and of course replaced the new one.
--
cheers,
Don
- ve3zda
