General discussion

Locked

VPN Masquerading support on Kernel 2.4

By agastya ·
Hi:
There was a patch provided for 2.2.x versions of the Linux kernel to assist with VPN masquerading. (it works with IPCHAINS)
Is there such a patch available for kernel 2.4.x ?
If not is it possible to setup iptables to allow
masquerdaing with VPN ?

Thanks much

Ramdev/-

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
Thread display: Collapse - | Expand +

All Comments

Collapse -

VPN Masquerading support on Kernel 2.4

by Shanghai Sam In reply to VPN Masquerading support ...

HI,

Some bad news first, I've seen that a few linux flavors, use ipchains or iptables, and they can't run in the same kernel. The only way you can have a mix of both is recompiling your kernel. By now I'm installing iptables 1.2.4 using iptables NAT features to set up a IPsec tunnel generator. I moved to iptables because ipchains is too hard to handle, the only shaper that works quite good is cipe. But it's a static VPN. As we need a dynamic tunnel generator, I started to develop some iptables scripts. But they are experimental at this time. To set up all the iptables features you have to use version 1.2.4. and of course recompile the kernel. Ipchains handles the packet's header, with no socket handling. With iptables, you can handle the header, socket, and the mac address of the WAN interface at both ends, (some other things like dynamic NAT, and other stuff).

Hope it helps !

Collapse -

VPN Masquerading support on Kernel 2.4

by schannachie In reply to VPN Masquerading support ...

Hi again,

I've forgot in my last comment (above) that if you are going to set a VPN you can set the band width with iptables, so you can set this also. And over this packet filter you can set the vpn shaper of your choise.

Good luck, and hope it helps


shannachie

Back to Linux Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums