hello Robbie I did absolutely nothing changed, I sent you an email on this subject, which you probably have not answered for lack of time I feel that the restoration on this router does not restore anything, I'll still make a new backup for you as I had already report without documentation in my native language I am unable to change anything and I do not touch can you confirm me about the backup otherwise how?? is what I am connectable or not ... that is the question Robbies 73s André ON4HU
Le 16/01/14 19:20, Robbie De Lise a écrit :
(Please trim inclusions from previous messages) _______________________________________________ Dear Andre,
You have disabled the route back to the network:
[robbie@on4hu] > ip route print detail Flags: X - disabled, A - active, D - dynamic, C - connect, S - static, r - rip, b - bgp, o - ospf, m - m B - blackhole, U - unreachable, P - prohibit 0 X S dst-address=0.0.0.0/0 gateway=44.144.11.129 gateway-status=44.144.11.129 inactive distance=1 s target-scope=10 routing-mark=via_amprnet
1 ADS dst-address=0.0.0.0/0 gateway=192.168.1.1 gateway-status=192.168.1.1 reachable via ether1-g scope=30 target-scope=10 vrf-interface=ether1-gate
2 ADC dst-address=44.144.4.0/24 pref-src=44.144.4.2 gate gateway-status=ovpn-adc reachable distance=0 scope
3 ADC dst-address=44.144.11.128/28 pref-src=44.144.11.12 gateway-status=bridge-local reachable distance=0 s
4 ADC dst-address=192.168.1.0/24 pref-src=192.168.1.100 gateway-status=ether1-gateway reachable distance=0
- The gateway for rule 0 should be 44.144.4.1 and not your local router ip.
- You have disabled rule 0, meaning that all your outbound traffic is
being sent through your VDSL provider which does not know amprnet and thus the packets die a lonely death in a blackhole on the internet. 3) FYI: There is a mangle rule that uses rule 0, just to be clear;
[robbie@on4hu] > ip firewall mangle print Flags: X - disabled, I - invalid, D - dynamic 0 chain=prerouting action=mark-routing new-routing-mark=via_amprnet passthrough=yes in-interface=bridge-local
1 chain=output action=mark-routing new-routing-mark=via_amprnet passthrough=yes src-address=44.144.0.0/16 dst-address=!44.144.11.128/28
2 chain=prerouting action=mark-connection new-connection-mark=from_vpn passthrough=yes in-interface=ovpn-adc
3 chain=prerouting action=mark-routing new-routing-mark=via_amprnet passthrough=yes connection-mark=from_vpn
So since this route is disabled and misconfigured, no traffic is flowing back through the VPN to amprnet.
73s Robbie
On Thu, Jan 16, 2014 at 7:05 PM, sp2lob@tlen.pl wrote:
(Please trim inclusions from previous messages) _______________________________________________ Marius,
Besides, 44.144.11.136 reachability I checked additionally via AMPRNet VPN generously provided by OH7LZB.
Best regards. Tom - sp2lob
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net
44Net mailing list 44Net@hamradio.ucsd.edu http://hamradio.ucsd.edu/mailman/listinfo/44net