Topic: Tunnel in tunnel
« on: April 04, 2008, 16:15:51 »
Tgellan *

Hello,

I got a somewhat weird problem.
Currently I've got my m0n0wall box configured as a PPTP VPN, works like a charm. It sits behind the DSL router. Now I'm configuring a second box, in a similar way. Meaning I got another DSL router (both use dynamic IPs) and m0n0wall sits behind it. As both installations are geographically separated, I'd like to test the setup from behind the second m0n0.

So, what I did, I connected to my first m0n0, and copied most of the settings. In order to test it, I wanted to simulate connecting from home. As I don't have a running PC there, I just tried using a tunnel in tunnel.

Tunnel in Tunnel:
- PC is on internal LAN behind m0n0-2
- Create a PPTP tunnel to external IP for m0n0-1 (any traffic is routed through that tunnel, PC is virtually in homeLAN)
- Create a second PPTP tunnel to external IP for m0n0-2 (PC with new IP should be virtually in remoteLAN)

So the idea is, first tunnel ends on the PPTP interface of m0n0-1. Second tunnel enters tunnel-1, arrives at m0n0-1 as "tunnel in tunnel", travels through m0n0-1 to DSL-router-1 (which I see in the logs) and arrives back at m0n0-2 with a different IP, but on the same LAN... There is no PPTP log on m0n0-2 about a connection attempt though. I do see GRE packets and the TCP 1723 in the DSL router logs, both are routed as on DSL-1 to the correct IP of the respective m0n0wall.
The second tunnel does get to the username verification, but is stuck there, even stalling tunnel-1. In order to fix tunnel-1, I've got to dis-/re-connect tunnel-1 :-(

I don't know if that is even possible. I didn't find anywhere that the PPTP protocol or m0n0wall prohibits that, but neither did I find a statement that it's possible.

Could anybody enlighten me on that subject?

Thank you very much,
Marco
 