Hi Marius,
I just realized my previous reply didn't go to the list. I did add all of the FW rules documented in the Wiki and also added the new one to TUNNEL_LOCAL to allow UDP 520. After no luck I also added a rule to WAN_LOCAL to accept UDP 520. Still no joy. Perhaps I need to specify something using the -a parameter in the script. I'm not sure exactly what the example does being that it is simply a comma-separated list of subnets. Do I need to exclude my own /29 subnet using this? (Below is the example from the Wiki.)
-a 44.0.0.1/32,44.128.1.0/24,44.128.2.0/24,your.gw.com
Thanks, Lee K5DAT
On Sun, Jan 24, 2021 at 11:30 PM Marius Petrescu marius@yo2loj.ro wrote:
Lee,
First of all, the password is hardcoded and the option is there to be able to change it should it ever be required.
But regarding the RIP packets and the routes: did you create the proper firewall rules to allow incoming IPIP from eth0 as described in 'Router preparation' and a rule accepting incoming data from the tunnels (that tunnel_local part)?
At least a firewall rule to accept RIP is needed for the tunnel interface.
That one was missing in the firewall setup instructions, I added it to the instructions in the wiki.
Marius, YO2LOJ