Re: [44net] UCSD tunnel behing NAT and Firewall setting ?

---------- Forwarded message ---------- From: Steve L <kb9mwr(a)gmail.com> To: AMPRNet working group <44net(a)mailman.ampr.org> Cc: Bcc: Date: Mon, 20 May 2019 11:14:45 -0500 Subject: Re: [44net] UCSD tunnel behing NAT and Firewall setting ? IPIP requires Protocol 4 forwarding (or DMZ) at the firewall to the gateway. OpenVPN handshakes are about every 5 seconds, between the client and server. The client creates and maintains an active connection to the server at all times. This allows the server to track a reverse way back to the client. Since we are decentralized, meaning we don't all reach each other thru a central server, we'd have to have maintain handshaking to each other ampr gateway. I forget what Brian last said there were in terms of a number of IPIP gateways, but that would obviously be a lot of data, and thus not practical. The only other VPN like architecture that I know of that works like what we are doing is Tinc, as it supports mesh routing too. But I haven't played with it yet. Your other option is to setup a VPS, bring in a subnet via BPG, and then used whatever method you like (OpenVPN, etc) to bring it from the VPS to your firewall restricted gateway. A solution that John, K7VE has been pointing out (https://groups.io/g/net-44-vpn) Steve On Mon, May 20, 2019 at 1:41 AM R P via 44Net <44net(a)mailman.ampr.org> wrote: allow any traffic outbound) and a NAT ? IPIP still work .. I wonder if it is a router problem or the IPIP can pass thru like a VPN can pass ---------- Forwarded message ---------- From: Steve L via 44Net <44net(a)mailman.ampr.org> To: AMPRNet working group <44net(a)mailman.ampr.org> Cc: Steve L <kb9mwr(a)gmail.com> Bcc: Date: Mon, 20 May 2019 11:14:45 -0500 Subject: Re: [44net] UCSD tunnel behing NAT and Firewall setting ? _________________________________________ 44Net mailing list 44Net(a)mailman.ampr.org https://mailman.ampr.org/mailman/listinfo/44net