30 Jan
2021
30 Jan
'21
8:46 a.m.
Hi Marius,
I just realized my previous reply didn't go to the list. I did add all of
the FW rules documented in the Wiki and also added the new one to
TUNNEL_LOCAL to allow UDP 520. After no luck I also added a rule to
WAN_LOCAL to accept UDP 520. Still no joy. Perhaps I need to specify
something using the -a parameter in the script. I'm not sure exactly what
the example does being that it is simply a comma separated list of
subnets. Do I need to exclude my own /29 subnet using this? (Below is the
example from the Wiki.)
-a 44.0.0.1/32,44.128.1.0/24,44.128.2.0/24,your.gw.com
Thanks,
Lee K5DAT
On Sun, Jan 24, 2021 at 11:30 PM Marius Petrescu <marius(a)yo2loj.ro> wrote:
Lee,
First of all, the password is hardcoded and the option ist there to be
able to change it should it be ever required.
But regarding the RIP packets and the routes: did you create the proper
firewall rules to allow incoming IPIP from eth0 as described in 'Router
preparation' and a rule accepting incoming data from the tunnels (that
tunnel_local part)?
At least a firewall rule to accept RIP is needed for the tunnel interface.
That one was missing in the firewall setup instructions, I added it to
the instructions in the wiki.
Marius, YO2LOJ