Comments on: IP GRE Cisco Linux http://www.x83.net/ip-gre-cisco-linux/ Thu, 22 Jul 2010 11:25:28 +0300 http://wordpress.org/?v=2.9.2 hourly 1 By: Giany http://www.x83.net/ip-gre-cisco-linux/comment-page-1/#comment-1425 Giany Tue, 11 May 2010 12:06:40 +0000 http://x83.net/blog/?p=7#comment-1425 Try debugging with tcpdump. Most likely you did not set the proper iproute rules. Try debugging with tcpdump. Most likely you did not set the proper iproute rules.

]]> By: neptor http://www.x83.net/ip-gre-cisco-linux/comment-page-1/#comment-1364 neptor Fri, 07 May 2010 02:27:18 +0000 http://x83.net/blog/?p=7#comment-1364 Hello, i've the similar situation, even i have to forwrding traffic from gre (ciscolinux) to internet, so in my iptables i've set : #Permiting linux to act as router (necessary to forward packets) echo "1" > /proc/sys/net/ipv4/ip_forward # first the port then the protocol $fw -A INPUT -p 47 -j ACCEPT # permit any ppp interfase to forward $fw -A FORWARD -i cloud -o ppp0 -j ACCEPT $fw -A FORWARD -o cloud -i ppp0 -j ACCEPT # any "related" activity to something already permitted, should be accepted: $fw -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT # masquerade anything going out from this server: $fw -t nat -A POSTROUTING -o ppp0 -j MASQUERADE #$fw -t nat -A POSTROUTING -o ppp0 -j SNAT --to $myextip $fw -t nat -A POSTROUTING -o ppp0 -j SNAT --to-source $myextip $fw -A FORWARD -i cloud -o ppp0 -m state --state ESTABLISHED,RELATED -j ACCEPT so i see the traffic comming from cisco, and going to internet avec mu ppp0 NIC, but it never come back. Can you tell me what's wrong with mon iptables ? Hello,

i’ve the similar situation, even i have to forwrding traffic from gre (ciscolinux) to internet, so in my iptables i’ve set :

#Permiting linux to act as router (necessary to forward packets)
echo “1″ > /proc/sys/net/ipv4/ip_forward
# first the port then the protocol
$fw -A INPUT -p 47 -j ACCEPT

# permit any ppp interfase to forward
$fw -A FORWARD -i cloud -o ppp0 -j ACCEPT
$fw -A FORWARD -o cloud -i ppp0 -j ACCEPT

# any “related” activity to something already permitted, should be accepted:
$fw -A FORWARD -m state –state ESTABLISHED,RELATED -j ACCEPT

# masquerade anything going out from this server:
$fw -t nat -A POSTROUTING -o ppp0 -j MASQUERADE
#$fw -t nat -A POSTROUTING -o ppp0 -j SNAT –to $myextip
$fw -t nat -A POSTROUTING -o ppp0 -j SNAT –to-source $myextip
$fw -A FORWARD -i cloud -o ppp0 -m state –state ESTABLISHED,RELATED -j ACCEPT

so i see the traffic comming from cisco, and going to internet avec mu ppp0 NIC, but it never come back.

Can you tell me what’s wrong with mon iptables ?

]]>