From: perryh@pluto.rain.com
To: smithi@nimnet.asn.au
Cc: freebsd-net@freebsd.org
Date: Fri, 02 Jan 2009 23:38:02 -0800
Subject: Re: tun0 not responding to ping

Ian Smith wrote:
...
> > tun0: flags=8051 mtu 1412
> >         inet6 fe80::2b0:d0ff:fe28:ad4f%tun0 prefixlen 64 scopeid 0x4
> >         inet ZZZ.ZZZ.233.42 --> ZZZ.ZZZ.233.42 netmask 0xffffffff
> >         Opened by PID 24635
>
> I don't know if this is relevant or not, but I've never seen
> a point to point interface use the same IP address on both ends
> of its link before.

I don't know either, nor whether -- and if so how -- it could keep
tun0 from responding to a ping of its own IP address.

It looks like the same issue described, for a different way of
connecting to a Cisco 3000 from FreeBSD, here:

http://www.cs.rpi.edu/~flemej/fbsd-cisco-vpn.pdf

If I am understanding the article correctly, the 3000 does something
unexpected in the course of setting up the P2P connection. However:

* Since the FreeBSD config is completely different, I don't know
  to what extent the w/a described there would be applicable.

* Supposing that tun0 does need to be readdressed as

      inet ZZZ.ZZZ.233.42 --> ZZZ.ZZZ.2.13 netmask 0xffffffff

  -- where ZZZ.ZZZ.2.13 is the address of the Cisco box on
  ZZZ.ZZZ.0.0/16 -- I'm not at all clear on how a w/a should get
  that internal address in the general case. (I got it by running
  a traceroute from an inside machine to a working VPN-connected
  Windows system, after not finding anything in the vpnc logs.)

* Since vpnc is supposed to have been written specifically to
  connect with Cisco 3000's and similar, I'd have expected it to
  somehow take care of the 3000's quirks rather than needing a
  separate w/a, although I don't know enough about either tun(4)
  or P2P to understand the details.