Date:      Fri, 02 Jan 2009 23:38:02 -0800
From:      perryh@pluto.rain.com
To:        smithi@nimnet.asn.au
Cc:        freebsd-net@freebsd.org
Subject:   Re: tun0 not responding to ping
Message-ID:  <495f15da.kLIW2g4L%2B3rMjCXS%perryh@pluto.rain.com>
In-Reply-To: <20090103154232.P28770@sola.nimnet.asn.au>
References:  <495edc8b.yfwTDGtb9G/8NMur%perryh@pluto.rain.com> <20090103154232.P28770@sola.nimnet.asn.au>

Ian Smith <nimnet.asn.au!smithi@agora.rdrop.com> wrote:

...
>  >   tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1412
>  >           inet6 fe80::2b0:d0ff:fe28:ad4f%tun0 prefixlen 64 scopeid 0x4
>  >           inet ZZZ.ZZZ.233.42 --> ZZZ.ZZZ.233.42 netmask 0xffffffff
>  >           Opened by PID 24635
>
> I don't know if this is relevant or not, but I've never seen
> a point to point interface use the same IP address on both ends
> of its link before.

I don't know either, nor whether -- and if so how -- it could keep
tun0 from responding to a ping of its own IP address.  It looks like
the same issue described, for a different way of connecting to a
Cisco 3000 from FreeBSD, here:

  http://www.cs.rpi.edu/~flemej/fbsd-cisco-vpn.pdf

If I am understanding the article correctly, the 3000 does something
unexpected in the course of setting up the P2P connection.  However:

* Since the FreeBSD config is completely different, I don't know
  to what extent the w/a described there would be applicable.

* Supposing that tun0 does need to be readdressed as

           inet ZZZ.ZZZ.233.42 --> ZZZ.ZZZ.2.13 netmask 0xffffffff

  -- where ZZZ.ZZZ.2.13 is the address of the Cisco box on
  ZZZ.ZZZ.0.0/16 -- I'm not at all clear on how a w/a should get
  that internal address in the general case.  (I got it by running
  a traceroute from an inside machine to a working VPN-connected
  Windows system, after not finding anything in the vpnc logs.)

* Since vpnc is supposed to have been written specifically to
  connect with Cisco 3000's and similar, I'd have expected it to
  somehow take care of the 3000's quirks rather than needing a
  separate w/a, although I don't know enough about either tun(4)
  or P2P to understand the details.


