16 Jan
2014
16 Jan
'14
12:44 p.m.
hello Robbie
I did absolutely nothing changed, I sent you an email on this subject,
which you probably have not answered for lack of time
I feel that the restoration on this router does not restore anything,
I'll still make a new backup for you as I had already report without
documentation in my native language I am unable to change anything and I
do not touch
can you confirm me about the backup otherwise how??
is what I am connectable or not ... that is the question Robbies
73s
André ON4HU
Le 16/01/14 19:20, Robbie De Lise a écrit :
(Please trim inclusions from previous messages)
_______________________________________________
Dear Andre,
You have disabled the route back to the network:
[robbie@on4hu] > ip route print detail
Flags: X - disabled, A - active, D - dynamic,
C - connect, S - static, r - rip, b - bgp, o - ospf, m - m
B - blackhole, U - unreachable, P - prohibit
0 X S dst-address=0.0.0.0/0 gateway=44.144.11.129
gateway-status=44.144.11.129 inactive distance=1 s
target-scope=10 routing-mark=via_amprnet
1 ADS dst-address=0.0.0.0/0 gateway=192.168.1.1
gateway-status=192.168.1.1 reachable via ether1-g
scope=30 target-scope=10 vrf-interface=ether1-gate
2 ADC dst-address=44.144.4.0/24 pref-src=44.144.4.2 gate
gateway-status=ovpn-adc reachable distance=0 scope
3 ADC dst-address=44.144.11.128/28 pref-src=44.144.11.12
gateway-status=bridge-local reachable distance=0 s
4 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.100
gateway-status=ether1-gateway reachable distance=0
1) The gateway for rule 0 should be 44.144.4.1 and not your local router ip.
2) You have disabled rule 0, meaning that all your outbound traffic is
being sent through your VDSL provider which does not know amprnet and
thus the packets die a lonely death in a blackhole on the internet.
3) FYI: There is a mangle rule that uses rule 0, just to be clear;
[robbie@on4hu] > ip firewall mangle print
Flags: X - disabled, I - invalid, D - dynamic
0 chain=prerouting action=mark-routing new-routing-mark=via_amprnet
passthrough=yes in-interface=bridge-local
1 chain=output action=mark-routing new-routing-mark=via_amprnet
passthrough=yes src-address=44.144.0.0/16 dst-address=!44.144.11.128/28
2 chain=prerouting action=mark-connection new-connection-mark=from_vpn
passthrough=yes in-interface=ovpn-adc
3 chain=prerouting action=mark-routing new-routing-mark=via_amprnet
passthrough=yes connection-mark=from_vpn
So since this route is disabled and misconfigured, no traffic is
flowing back through the VPN to amprnet.
73s
Robbie
On Thu, Jan 16, 2014 at 7:05 PM, <sp2lob(a)tlen.pl> wrote:
--
forum => http://on4hu.be/phpbb/ inscrivez vous? New MediaWiki =>
http://on4hu.be/MediaWiki http://on4hu.dyndns.org:81/ http://www.on4hu.be/
ftp://ftp.on4hu.be/ ou ftp://on4hu.dyndns.org/ COMPUTERS ARE LIKE
AIR-CONDITIONERS THEY STOP WORKING PROPERLY AS SOON AS YOU OPEN WINDOWS.
(Please trim inclusions from previous messages)
_______________________________________________
Marius,
Besides, 44.144.11.136 reachability I checked additionally via AMPRNet VPN
generously provided by OH7LZB.
Best regards.
Tom - sp2lob
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net
_________________________________________
44Net mailing list
44Net(a)hamradio.ucsd.edu
http://hamradio.ucsd.edu/mailman/listinfo/44net