Re: [44net] Using Cisco Router as a gateway ?

Dear Jessie Thank for the config it is very close to what i have done I didnt use loopback and also didnt use tunnel source statement from the two following route lines ip route 0.0.0.0 0.0.0.0 24.229.88.254 May i assume that if a client on your 44 segment want to gain acess a host on the internet say google.com (which have non 44 net adress ) it wil be routed direct to the ISP without tunnel and since it has a 44 net source ip it will be probebly be filter by the ISP and therefore it will not be able to be reached to the destination ? if thats true how it can be overcome ? i want to give 44 network users acess to not only 44 network worldwide and more important to be able to reach these 44 net hosts from non 44 net IP (example is from work) Please Advice Thanks Forward Ronen - 4Z4ZQ http://www.ronen.org ----- Original Message ----- From: "Jesse Hindmarsh" &lt;jesse(a)hindmarsh.cc&gt; To: &quot;44Net(a)hamradio.ucsd.edu&quot; &lt;44net(a)hamradio.ucsd.edu&gt; Sent: Monday, December 28, 2015 9:00 PM Subject: Re: [44net] Using Cisco Router as a gateway ? > (Please trim inclusions from previous messages) > _______________________________________________ > Rouen, > > I hope I have enough in the config as I stripped a lot out to send this to > you. I am currently using a 3625 router and using it as a CME, DMVPN, and > PPTP server as well as an AMPRNet gateway. I have the 44.56.192.0 > 255.255.254.0 subnet allocated to me. I am not sure if I have the route > maps and route configuration setup correctly as I have my remote DMVPN > endpoints shut down now and cannot troubleshoot. When you are testing, > you should be able to ping 44.56.193.1 and telnet to that address as well. > I have included notes below: > > > ****************************************************************************************** > > ip name-server 44.64.192.254 <— DNS servers > ip name-server 44.56.192.254 > > > > > interface Loopback0 > ip address 44.56.193.1 255.255.255.0 <— Using one of my subnet addresses > for Loopback0 > ! > interface Tunnel1 <— Tunnel1 connecting to the AMPRNet gateway for all > other traffic > description Default AMPRNet tunnel > ip unnumbered Loopback0 > ip tcp adjust-mss 1360 > tunnel source 24.229.88.253 > tunnel destination 169.228.66.251 > tunnel mode ipip > > ! > ! > > interface FastEthernet0/0 <— Outside interface pointing to my ISP > (static IP) > ip address 24.229.88.253 255.255.255.240 > ip mtu 1400 > load-interval 30 > duplex auto > speed auto > > ! > ! > > interface FastEthernet0/1 <— Inside interface for devices on my network > ip address 44.56.192.254 255.255.255.240 > load-interval 30 > duplex auto > speed auto > > ! This section was omitted and is generated by the encapconvertnew.pl > script > ! > ! TUNNEL INTERFACES HERE > ! > > ip local policy route-map NET44-ROUTE-MAP <— Route Map to force local > generated traffic to Tunnel1 interface > > > ip route 0.0.0.0 0.0.0.0 24.229.88.254 <— default route to ISP > ip route 44.0.0.0 255.0.0.0 Tunnel1 <— route for all 44.0.0.0 traffic > not specified by a configured Interface/Route entry > > ! > ! This section was omitted and is generated by the encapconvertnew.pl > script > ! > ! ROUTE STATEMENTS HERE > ! > > ip access-list extended NET44-PBR <- Route map ACL for local generated > traffic and other interfaces as needed > permit ip any 44.0.0.0 0.255.255.255 > permit ip 44.0.0.0 0.255.255.255 any > ! > route-map NET44-ROUTE-MAP permit 10 <- Route map for local generated > traffic and other interfaces as needed > match ip address NET44-PBR > set default interface Tunnel1 > > ! > ! > ! > end > > ***************************************************************************************** > > > > > Thanks > Jesse - WC3XS > > > > On 12/28/15, 1:19 PM, "44Net on behalf of Drorap" > &lt;44net-bounces+jesse=hindmarsh.cc(a)hamradio.ucsd.edu on behalf of > drorap(a)netvision.net.il&gt; wrote: > >>(Please trim inclusions from previous messages) >>_______________________________________________ >>If your Gateway is a CISCO router may you please send me the config file >>dealing with the interfaces ? (the Ethernet and the Tunnel ) ? and the >>route commands so can take it as a reference ? >>Thanks Forward >>Ronen - 4Z4ZQ >>http://www.ronen.org >> >>----- Original Message ----- >>From: "Jesse Hindmarsh" &lt;jesse(a)hindmarsh.cc&gt; >>To: &quot;44Net(a)hamradio.ucsd.edu&quot; &lt;44net(a)hamradio.ucsd.edu&gt; >>Sent: Monday, December 28, 2015 5:30 AM >>Subject: Re: [44net] Using Cisco Router as a gateway ? >> >> >>> (Please trim inclusions from previous messages) >>> _______________________________________________ >>> My apologies, I am using a different script. That one I sent was not >>> correct… >>> >>> Use http://ah6bw.ampr.org/encapconvertnew.pl >>> >>> Thanks >>> Jesse - WC3XS >>> >>> >>> >>> >>> On 12/27/15, 10:25 PM, "44Net on behalf of Jesse Hindmarsh" >>> &lt;44net-bounces+jesse=hindmarsh.cc(a)hamradio.ucsd.edu on behalf of >>> jesse(a)hindmarsh.cc&gt; wrote: >>> >>>>(Please trim inclusions from previous messages) >>>>_______________________________________________ >>>>Going with Linux is definitely easier day to day, but I still use a >>>>Cisco >>>>router. I am using a slightly modified script from KY9J that works >>>>well. >>>>I start out with a saved base config on my router, then apply the config >>>>generated by the script provided by KY9J. I don’t save the config after >>>>that as it is too cumbersome to remove all the config before applying a >>>>new config. >>>> >>>>The website for the script is http://www.ky9j.com/tools/ and the file is >>>>encapconvert.pl >>>> >>>>Thanks >>>>Jesse - WC3XS >>>> >>>> >>>> >>>> >>>> >>>> >>>>On 12/27/15, 3:10 PM, "44Net on behalf of Rob Janssen" &gt;&gt;&gt;&gt;&lt;44net-bounces+jesse=hindmarsh.cc(a)hamradio.ucsd.edu on behalf of &gt;&gt;&gt;&gt;pe1chl(a)amsat.org&gt; wrote: >>>> >>>>>(Please trim inclusions from previous messages) >>>>>_______________________________________________ >>>>>> Subject: >>>>>> [44net] Using Cisco Router as a gateway ? >>>>>> From: >>>>>> Drorap &lt;drorap(a)netvision.net.il&gt; >>>>>> Date: >>>>>> 12/26/2015 10:22 PM >>>>>> >>>>>> To: >>>>>> AMPRNet working group &lt;44net(a)hamradio.ucsd.edu&gt; >>>>>> >>>>>> >>>>>> Hi there >>>>>> I have started to config a Cisco rouer to serve as a gateway for the >>>>>> AMPRNET >>>>>> I put in the command the following lines >>>>>> >>>>>> interface Tunnel0 >>>>>> ip unnumbered Ethernet0 >>>>>> no ip directed-broadcast >>>>>> tunnel source Ethernet0 >>>>>> tunnel destination 132.239.255.131 >>>>>> tunnel mode ipip >>>>> >>>>>Unfortunately due to the way tunnels work in Cisco and other commercial >>>>>routers you will >>>>>need to repeat that 300 times with different destinations and setup 500 >>>>>routes to route the >>>>>traffic, and repeat that regularly because the destinations and routes >>>>>change all the time. >>>>> >>>>>With a Linux system instead of the Cisco you can automate that very >>>>>easily. There are >>>>>possibilities to automate it on the Cisco (see that link Steve gave >>>>>you) >>>>>but still it will be a lot >>>>>easier to just use a Raspberry Pi or other small Linux system. >>>>> >>>>>Rob >>>>>