[ILUG] eircom and vpn frustration

Robert Sweetnam linux at sweetnam.eu
Sun Feb 8 16:19:27 GMT 2009 

Apologies for top posting! I had a similar issue with the netopias.  
The solution I used was to configure the netopia to pass the ip  
address from eircom to the Linux VPN server. (IP Passthrough)

In my case the VPN server was also a firewall for the LAN behind it.

Hope this helps.
Robert

On 8 Feb 2009, at 15:52, Brendan Kehoe <brendan at zen.org> wrote:

> I'm still struggling to get a VPN to be up and happy ... the openvpn  
> config on both ends is fine.  But depending on the DSL modem I use,  
> it'll work or it won't.
>
> If I try to use the Linksys WAG54GS router, the VPN works  
> wonderfully...but the DSL connection keeps dropping.
>
> If I put back the Netopia 2247 from Eircom, the DSL stays up fine.   
> But the VPN won't work---mostly.  I've got UDP port 1194 forwarded  
> from the Netopia to my ubuntu host at 192.168.1.2.  When I start up  
> OpenVPN, in a moment the other end of the VPN connects (Peer  
> Connection Initiated with a.b.c.d, and then Initialization Sequence  
> Completed).  But I can't ping it.  (Where at this same point with  
> the Linksys with 1194 udp port forwarding in the same way, I can.)
>
> However, there's an interesting effect: if I modify the services/ 
> port forwarding on the Netopia, like enable/disable 1194 *TCP*,  
> there's a moment during the router making that change that it lets a  
> packet go through!  My ping to the other end of the vpn, which is  
> usually saying "Request timed out", actually shows a successful ping  
> at 52ms or so, which is the right speed and everything.  And then  
> goes back to "Request timed out".  This suggests to me that the  
> eircom box has some sort of rules in place to block the traffic or  
> in some other way mess with the port forwarding.  Such a setting is  
> getting disabled or changed during the Disable/Enable choice for the  
> other service, then it stops.  (I've definitely got both ends of the  
> openvpn configured for udp, and know it works as such with the  
> linksys in place.)
>
> I'm trying to dig around netopia's site, and other forums, but so  
> far no hints on why it might want to work but only a little.  I've  
> got a second, newer version of the Netopia 2247 (sent my Eircom to  
> replace our own dead one, but it took them nearly two MONTHS to  
> actually have it show up). That behaves exactly the same way as the  
> older/current one.
>
> Another option is to get a Netgear modem and try that, but time's  
> gone for today to try to get one/use it.
>
> Have any of you found any particular tricks to get the Netopia modem  
> to be more willing to help?
>
> Thanks for any suggestions,
> B
>
> -- 
> Irish Linux Users' Group mailing list
> About this list : http://mail.linux.ie/mailman/listinfo/ilug
> Who we are : http://www.linux.ie/
> Where we are : http://www.linux.ie/map/

More information about the ILUG mailing list