[TriLUG] Routing question
Aaron Schrab
aaron at schrab.com
Thu Apr 14 13:14:57 EDT 2011
At 05:52 -0700 14 Apr 2011, Brian McCullough <bdmc at bdmcc-us.com> wrote:
>I sometimes want to connect to a VPN from one of my machines ( usually
>a laptop ) while at, for instance, Panera's. Unfortunately, perhaps,
>the remote LAN uses 192.168 addresses, which sometimes conflict with
>the "home" address range given to the laptop.
>
>I am using PPTP from the laptop, and as long as the address ranges
>don't conflict, everything is fine.
>
>I tried setting a "Local IP" address on the PPP connection, and that
>seemed to work, at least as far as the address of that port was
>concerned. Unfortunately, of course, I still didn't understand how to
>set up the routing for that path, because, for instance, there is a
>machine local to the laptop that has the address 192.168.1.123 while
>one of the machines that I want to access on the remote LAN has the
>address 192.168.1.123.
>
>I don't think that I can reset the default route so that ALL of the
>traffic goes through the tunnel -- Internet traffic, for instance,
>would still travel through the "local" network, not the remote one.

Before the PPTP connection is established, there's likely to be 2 routes
in the routing table (possibly a third for the loopback network), for
the local network, and a default route to the internet through the local
gateway.

That first network is the one causing trouble, but it's probably not
very interesting since you probably don't want to connect to anything
else at the Panera other than their internet gateway. So you should be
able to replace the route to that network with a host route to their
gateway.

Assuming that the gateway is at 192.168.1.1 and it's a /24 network the
commands would be something like:

    route del -net 192.168.1.0 netmask 255.255.255.0
    route add -host 192.168.1.1 dev eth0

You can then set up the PPTP connection using some bit of RFC1918 space
that isn't in use either at the remote end or at your local end to avoid
conflicts, and use the remote end as the gateway for a new route to the
network you want to use. Assuming that the PPTP connection is using
192.168.2.1 for the far end this would look something like:

    route add -net 192.168.1.0 netmask 255.255.255.0 gw 192.168.2.1

If there's a host at the remote end that's using the same IP address as
is used by the local gateway (192.168.1.1 in this example), that would
still be unavailable to you, but this should allow you to access
anything else on that network.
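
Added example, not part of the original message: a dry-run sketch that checks whether the local and remote networks overlap, verifies that the PPTP far end lies outside both, and prints the route commands from the reply above. The function names are hypothetical and the addresses are the ones used in the message.

```shell
#!/bin/sh
# Added example: dry-run planner for the route changes described above.
# It only prints commands; nothing is executed. Function bodies use ( ) so
# their variables and IFS changes stay local in plain POSIX sh.

# Dotted-quad IPv4 address -> 32-bit integer.
ip2int() (
    IFS=.
    set -- $1
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
)

# Prefix length (0-32) -> dotted-quad netmask.
len2mask() (
    m=0
    [ "$1" -gt 0 ] && m=$(( (4294967295 << (32 - $1)) & 4294967295 ))
    echo "$(( (m >> 24) & 255 )).$(( (m >> 16) & 255 )).$(( (m >> 8) & 255 )).$(( m & 255 ))"
)

# overlaps NET1/LEN1 NET2/LEN2: succeed if the two networks share addresses.
overlaps() (
    l1=${1#*/}; l2=${2#*/}
    short=$l1; [ "$l2" -lt "$l1" ] && short=$l2
    mask=$(ip2int "$(len2mask "$short")")
    [ $(( $(ip2int "${1%/*}") & mask )) -eq $(( $(ip2int "${2%/*}") & mask )) ]
)

# plan_routes LOCAL_NET/LEN LOCAL_GW DEV REMOTE_NET/LEN PPTP_FAR_END
plan_routes() (
    lnet=$1 gw=$2 dev=$3 rnet=$4 far=$5
    # The far end must lie outside both LANs, otherwise the gateway of the
    # new network route would itself be ambiguous.
    if overlaps "$far/32" "$lnet" || overlaps "$far/32" "$rnet"; then
        echo "error: PPTP far end $far is inside a conflicting network" >&2
        exit 1   # leaves only this function's subshell
    fi
    if overlaps "$lnet" "$rnet"; then
        # Conflict: swap the local network route for a host route to the gateway.
        echo "route del -net ${lnet%/*} netmask $(len2mask "${lnet#*/}")"
        echo "route add -host $gw dev $dev"
    fi
    echo "route add -net ${rnet%/*} netmask $(len2mask "${rnet#*/}") gw $far"
)

# Addresses taken from the message above; eth0 is the interface it assumes.
plan_routes 192.168.1.0/24 192.168.1.1 eth0 192.168.1.0/24 192.168.2.1
```

When the local network does not overlap the remote one, only the final `route add -net` line is printed and the local network route is left alone.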