[vpnc-devel] ifconfig after vpnc establishes connection
Matthias Apitz
guru at unixarea.de
Fri Apr 2 09:45:24 CEST 2010
Hello,
This is with vpnc-0.5.3 and FreeBSD 8-CURRENT.
My company is moving from OpenVPN to Cisco's VPN, and after some tests I
managed to authenticate successfully. Btw: the problem was that as
password I have to use an RSA FOB, and because this wasn't used for a long
time the RADIUS server was asking for a second PIN to verify the 1st PIN
and get in sync again. This re-asking appeared in vpnc as asking again
for the password (without the message "enter the NEXT PIN"), which makes
one think the 1st PIN was mistyped and enter it again; anyway, now the
authentication is fine and the tun0 interface comes up like this:

# ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1412
        inet 10.49.94.100 --> 10.49.94.100 netmask 0xffffffff
        Opened by PID 10372

Routing tables

Internet:
Destination        Gateway            Flags    Refs      Use  Netif Expire
default            10.49.96.1         UGS         0    43596  wlan0
10.0.1.0/24        10.49.94.100       UGS         0        9  tun0
10.44.20.0/24      10.49.94.100       UGS         0        0  tun0
10.44.30.0/24      10.49.94.100       UGS         0        0  tun0
...

and ofc, nothing works. I had a look into the script which manages
the interface and routing, /usr/local/sbin/vpnc-script, and the ifconfig
is done as:

ifconfig "$TUNDEV" inet "$INTERNAL_IP4_ADDRESS" $ifconfig_syntax_ptp "$INTERNAL_IP4_ADDRESS" netmask 255.255.255.255 mtu ${MTU} up

which explains the 10.49.94.100 --> 10.49.94.100. Why is this done like
this? In the OpenVPN connection the tun0 looks like this:

# ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1500
        inet 10.1.3.2 --> 10.1.3.1 netmask 0xffffffff
        Opened by PID 2020

I asked our IT guys for the addr of the remote end and changed the above
ifconfig cmd, with the address hardcoded, to

ifconfig "$TUNDEV" inet "$INTERNAL_IP4_ADDRESS" $ifconfig_syntax_ptp 10.49.94.1 netmask 255.255.255.255 mtu ${MTU} up

which lets the tun0 come up as

# ifconfig tun0
tun0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1412
        inet 10.49.94.100 --> 10.49.94.1 netmask 0xffffffff
        Opened by PID 10372

and I was at least able to ping some other addr in this network (10.49.94.4).

Can someone shed a bit of light on this? Thanks in advance.
matthias
--
Matthias Apitz
t +49-89-61308 351 - f +49-89-61308 399 - m +49-170-4527211
e <guru at unixarea.de> - w http://www.unixarea.de/