Personal tools
You are here: Home / Users / Ryan Tourge N2YQT / HSMM-MESH VPN Setup
HF Propagation

Donate!

We are a 501c3 non-profit. Donations are tax deductible! Our mailing address is below:

Warren County Radio Club Inc.
PO BOX 844
Glens Falls, NY 12801
 

HSMM-MESH VPN Setup

How to setup a VPN tunnel between nodes that do not have a RF path.

From Johan Engdahl, SM7I:

The HowTo for GRE tunneling can now be downloaded from the link below. This will be updated when needed so be sure to check in from time to another.

Original Article: http://www.ssra.se/upload/hsmm%20scripts.pdf
Dropbox: https://www.dropbox.com/s/fj3ihchhj34zt16/Establishing%20GRE%20Tunneling%20Between%20Broadband-Hamnet%20Nodes.pdf?dl=0

 

My config info as referenced in above:

I did however place "S51tun" in /etc/init.d and then linked to it from /etc/rc.d

cd /etc/rc.d
ln -f /etc/init.d/S51tun


root@K2RRT-2:/etc/rc.d# ls -al *tun
lrwxrwxrwx    1 root     root           18 Nov 11 08:30 S51tun -> /etc/init.d/S51tun


S51Tun in /etc/init.d from my "local" node, K2RRT-1:

#!/bin/sh /etc/rc.common
START=51

start()  {

# Firewall section is needed for applying rules to and from the tunnel interface and LAN as well as WLAN

iptables -D FORWARD 11
iptables -I FORWARD -i tun1 -o eth0.0 -j ACCEPT
iptables -I FORWARD -i eth0.0 -o tun1 -j ACCEPT
iptables -I FORWARD -i tun1 -o wl0 -j ACCEPT
iptables -I FORWARD -i wl0 -o tun -j ACCEPT

insmod ip_gre

# Tunnel to K2RRT-2

iptunnel add tun1 mode gre local 69.204.161.1 remote 208.125.126.195 ttl 225
ifconfig tun1 1.1.1.1 netmask 255.255.255.252 broadcast 1.1.1.3
ifconfig tun1 up
ifconfig tun1 multicast
ifconfig tun1 pointopoint 1.1.1.2


}

stop() {
iptunnel del tun1
}


S51Tun in /etc/init.d from my "remote" node, K2RRT-2:

#!/bin/sh /etc/rc.common
START=51

start()  {

# Firewall section is needed for applying rules to and from the tunnel interface and LAN as well as WLAN

iptables -D FORWARD 11
iptables -I FORWARD -i tun1 -o eth0.0 -j ACCEPT
iptables -I FORWARD -i eth0.0 -o tun1 -j ACCEPT
iptables -I FORWARD -i tun1 -o wl0 -j ACCEPT
iptables -I FORWARD -i wl0 -o tun -j ACCEPT

insmod ip_gre

# Tunnel to K2RRT-1

iptunnel add tun1 mode gre local 208.125.126.195 remote 69.204.161.1 ttl 225
ifconfig tun1 1.1.1.2 netmask 255.255.255.252 broadcast 1.1.1.3
ifconfig tun1 up
ifconfig tun1 multicast
ifconfig tun1 pointopoint 1.1.1.1


}

stop() {
iptunnel del tun1
}