IPIP requires Protocol 4 forwarding (or DMZ) at the firewall to the gateway.
OpenVPN handshakes are about every 5 seconds, between the client and
server. The client creates and maintains an active connection to the
server at all times. This allows the server to track a reverse way
back to the client.
Since we are decentralized, meaning we don't all reach each other thru
a central server, we'd have to maintain handshaking to each other
ampr gateway. I forget what Brian last said there were in terms of a
number of IPIP gateways, but that would obviously be a lot of data,
and thus not practical.
The only other VPN-like architecture that I know of that works like
what we are doing is Tinc, as it supports mesh routing too. But I
haven't played with it yet.
Your other option is to set up a VPS, bring in a subnet via BGP, and
then use whatever method you like (OpenVPN, etc) to bring it from the
VPS to your firewall restricted gateway. A solution that John, K7VE
has been pointing out (https://groups.io/g/net-44-vpn)
Steve
On Mon, May 20, 2019 at 1:41 AM R P via 44Net <44net(a)mailman.ampr.org> wrote:
---------- Forwarded message ----------
From: R P <ronenp(a)hotmail.com>
To: "44net(a)mailman.ampr.org" <44net(a)mailman.ampr.org>
Cc:
Bcc:
Date: Mon, 20 May 2019 06:37:54 +0000
Subject: UCSD tunnel behing NAT and Firewall setting ?
Hi there
I know that VPN can be done behind firewall NAT (from the client side).
Can the IPIP be made (from the gateway side) behind a Firewall (that allows any traffic
outbound) and a NAT?
Until a few months ago my gateway sat on the DMZ and it worked.
But I had changed the DMZ to point to another IP and it seems that the IPIP still works.
I wonder if it is a router problem or the IPIP can pass thru like a VPN can pass.
Thanks for any info
ronen- 4Z4ZQ
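
To make the Protocol 4 point in the reply concrete, here is an added example that is not part of the original thread: it builds a constructed IPIP packet and a constructed UDP packet of the kind OpenVPN sends, then reports what a firewall or NAT sees on the outer header. All addresses, ports and function names are assumptions chosen for illustration.

```python
import socket
import struct

IPPROTO_IPIP, IPPROTO_UDP = 4, 17  # IANA protocol numbers

def checksum(data: bytes) -> int:
    """RFC 1071 ones'-complement sum over 16-bit words."""
    if len(data) % 2:
        data += b"\x00"
    total = sum(struct.unpack(f"!{len(data) // 2}H", data))
    while total >> 16:
        total = (total & 0xFFFF) + (total >> 16)
    return ~total & 0xFFFF

def ipv4(src: str, dst: str, proto: int, payload: bytes) -> bytes:
    """Build a minimal 20-byte IPv4 header in front of payload."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, socket.inet_aton(src), socket.inet_aton(dst))
    return hdr[:10] + struct.pack("!H", checksum(hdr)) + hdr[12:] + payload

def describe(packet: bytes) -> dict:
    """Report what a firewall/NAT sees on the outer header of a packet."""
    ihl = (packet[0] & 0x0F) * 4
    if packet[0] >> 4 != 4 or ihl < 20 or len(packet) < ihl:
        raise ValueError("not a well-formed IPv4 packet")
    if checksum(packet[:ihl]) != 0:
        raise ValueError("bad IPv4 header checksum")
    proto = packet[9]
    info = {"proto": proto, "src": socket.inet_ntoa(packet[12:16]),
            "dst": socket.inet_ntoa(packet[16:20]), "ports": None, "inner": None}
    body = packet[ihl:]
    if proto == IPPROTO_UDP and len(body) >= 8:
        info["ports"] = struct.unpack("!HH", body[:4])  # a NAT can key on these
    elif proto == IPPROTO_IPIP:
        info["inner"] = describe(body)  # encapsulated IPv4 packet, no outer ports
    return info

# Constructed samples: documentation addresses outside, made-up 44.0.0.x hosts inside.
inner = ipv4("44.0.0.1", "44.0.0.2", IPPROTO_UDP, struct.pack("!HHHH", 5000, 5001, 8, 0))
ipip_pkt = ipv4("198.51.100.7", "203.0.113.9", IPPROTO_IPIP, inner)
ovpn_pkt = ipv4("203.0.113.9", "198.51.100.20", IPPROTO_UDP,
                struct.pack("!HHHH", 40000, 1194, 8, 0))

if __name__ == "__main__":
    for name, pkt in (("IPIP", ipip_pkt), ("OpenVPN/UDP", ovpn_pkt)):
        d = describe(pkt)
        print(name, "proto", d["proto"], "outer ports:", d["ports"])
```

The IPIP packet exposes only a protocol number and two addresses on its outer header, while the UDP packet also carries ports that a NAT can use to map replies back to the client.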