FreeBSD 6.3 - Ethernet Tunnel with VTUN
=======================================

Public domain

********************************************************************************
### Additional packages

sysinstall ==> Configure ==> Distributions ==> man, src, ports

********************************************************************************
### Kernel configuration

    # vi /usr/src/sys/i386/conf/GENERIC

    device tap
    device if_bridge

    # cd /usr/src
    # make buildkernel KERNCONF=GENERIC
    # make installkernel KERNCONF=GENERIC
    # reboot

********************************************************************************
### VTUN installation

    # cd /usr/ports/net/vtun
    # make install clean && rehash

********************************************************************************
### Server configuration

    # mv /usr/local/etc/vtund.conf /usr/local/etc/vtund.conf.bak

    # vi /etc/rc.conf

    defaultrouter="1.2.3.1"
    gateway_enable="YES"
    hostname="Server"
    sshd_enable="YES"
    usbd_enable="NO"
    sendmail_enable="NONE"
    keyrate="fast"
    keybell="off"
    cursor="destructive"
    blanktime="180"
    ifconfig_vr0_name="extif0"
    ifconfig_extif0="up"
    cloned_interfaces="bridge0"
    ifconfig_bridge0="inet 1.2.3.100/24 addm extif0 up"
    autobridge_interfaces="bridge0"
    autobridge_bridge0="tap*"
    vtund_enable="YES"

Note: autobridge_bridge0="tap*" adds every tap interface to bridge0, so each client that authenticates is placed on the same Ethernet segment as extif0. Broadcast, ARP and DHCP traffic cross the tunnel in both directions; filter on the bridge if the two sides are not equally trusted.

    # vi /usr/local/etc/vtund.conf

    default {
      type ether;
      proto udp;
      keepalive yes;
      speed 0;
      compress lzo:5;
      encrypt yes;
    }
    client1 {
      passwd pAsWwD001;
      device tap1;
    }
    client2 {
      passwd pAsWwD002;
      device tap2;
    }

Note: the passwords above are samples. vtund.conf stores them in clear text and VTun derives the encryption key from the password, so use a long random value per client and keep the file owned by root with mode 0600.

    # /usr/local/etc/rc.d/vtund start

********************************************************************************
### Client configuration

    # mv /usr/local/etc/vtund.conf /usr/local/etc/vtund.conf.bak

    # vi /etc/rc.conf

    defaultrouter="10.20.30.1"
    gateway_enable="YES"
    hostname="Client1"
    sshd_enable="YES"
    usbd_enable="YES"
    sendmail_enable="NONE"
    keyrate="fast"
    keybell="off"
    cursor="destructive"
    blanktime="180"
    ifconfig_rl0_name="intif0"
    ifconfig_dc0_name="extif0"
    ifconfig_intif0="up"
    ifconfig_extif0="inet 10.20.30.100/24 up"
    cloned_interfaces="bridge0"
    ifconfig_bridge0="inet 10.0.1.1/24 addm intif0 up"
    autobridge_interfaces="bridge0"
    autobridge_bridge0="tap*"
    vtunclient_flags="client1 1.2.3.100"
    vtunclient_enable="YES"

    # vi /usr/local/etc/vtund.conf

    default {
      type ether;
      proto udp;
      keepalive yes;
    }
    client1 {
      persist yes;
      password pAsWwD001;
      device tap0;
    }

Note: the client's default block has no "encrypt" or "compress" line. In VTun the server sets these for the session (vtund.conf(5) lists them as ignored by the client), so encryption here depends on "encrypt yes" in the server's file. The client's vtund.conf also holds the password in clear text and needs the same root-only permissions as the server's.

    # /usr/local/etc/rc.d/vtunclient start

********************************************************************************
### Old stuff

Server side:

    # vi /usr/local/etc/vtund.conf

    default {
      type ether;
      proto udp;
      keepalive yes;
    }
    jupiter {
      passwd pAsWwD123;
      up {
        ifconfig "%% 172.30.98.1 netmask 255.255.255.0";
        ifconfig "bridge0 create";
        ifconfig "bridge0 addm %% addm rl0";
        ifconfig "bridge0 inet 172.30.98.3/24";
        route "add -net 10.20.30.0/25 172.30.98.2";
      };
      down {
        ifconfig "%% down";
        ifconfig "bridge0 down";
      };
    }

Note: this older server block has no "encrypt yes" line, so the password only authenticates the session and the bridged traffic is presumably sent unencrypted. Carry over the "encrypt yes" line from the current server configuration if this layout is reused.

    # vi /etc/rc.conf

    defaultrouter="1.2.3.1"
    gateway_enable="YES"
    hostname="Venus.neverland.net"
    ifconfig_rl0="inet 1.2.3.4 netmask 255.255.255.240"
    ifconfig_rl1="inet 172.30.69.1 netmask 255.255.255.0"
    keyrate="fast"
    linux_enable="YES"
    moused_enable="NO"
    sshd_enable="YES"
    usbd_enable="NO"
    vtund_enable="YES"

Client side:

    # vi /usr/local/etc/vtund.conf

    default {
      type ether;
      proto udp;
      keepalive yes;
    }
    jupiter {
      persist yes;
      pass pAsWwD123;
      up {
        ifconfig "%% 172.30.98.2 netmask 255.255.255.0";
        ifconfig "bridge0 create";
        ifconfig "bridge0 addm %% addm vr1";
        ifconfig "bridge0 inet 172.30.98.4/24";
        route "add -net 0.0.0.0/0 172.30.98.1";
      };
      down {
        ifconfig "%% down";
        ifconfig "bridge0 down";
      };
    }

    # vi /etc/rc.conf

    #defaultrouter="172.30.69.1"
    gateway_enable="YES"
    hostname="Mars.neverland.net"
    ifconfig_vr0="inet 172.30.69.2 netmask 255.255.255.0"
    ifconfig_vr1="inet 10.20.30.1 netmask 255.255.255.128"
    linux_enable="YES"
    moused_enable="NO"
    sshd_enable="YES"
    keyrate="fast"
    vtunclient_enable="YES"
    vtunclient_flags="jupiter 172.30.69.1"

********************************************************************************
_BY: Pejman Moghadam_
_TAG: vtun_ _DATE: 2008-06-07 14:38:58_