This project has moved. For the latest updates, please go here.

IPIP Tunnel with BarbaTunnel.

Jun 2, 2013 at 2:51 AM
Edited Jun 2, 2013 at 2:53 AM
Hello,

I was working on a project that use IPIP Tunnel to route a server to another one.


----------VPN (on Interanet)-----------------------------BarbaTunnel(Internet)----------------------
Client------------------------->Server1(Authentication)--------------------->Server2(open pages)


I worked on IPIP Tunnel unfortunately , eoip , ipip ,gre and ... are blocked by my country censorship.
I would to route my server 1 packets to server 2.

I think it's possible with barba but I have no idea HOW!?.

I would like to see if anybody has worked on it to help me out.
Coordinator
Jun 2, 2013 at 7:56 AM
I was working on a project that use IPIP Tunnel to route a server to another one.
Actually BarbaTunnel doing this, but what you mean a project? you creating a software or just wanna establish the connection?
  • If you going to create a software you should look at BarbaTunnel source-code just I can say you use Couriers to establish HTTP-Connection. I could not help you more.
  • If you going to establish the connection just install baba-tunnel and establish VPN,
    Cheers
Jun 3, 2013 at 6:06 AM
Hi Barbacoder!

Unfortunately I tested barbaTunnel as you said.
I run barbaTunnel and let listen to vpn client software(kerio vpn client) then establish a connection thru HTTP_TUNNEL. Unfortunately I saw my whole network get out of access. It happens like whenever a vpn client connects to server. even can not ping that IP.

What's your idea?
Coordinator
Jun 3, 2013 at 8:22 AM
Edited Jun 3, 2013 at 8:22 AM
when you connect to your server, VPN server give your client an IP and server have IP in another range for VPN. for example:
  • Your Server IP is: 70.71.72.73, and Client IP is: 10.20.30.40
  • Your client connect to your server 70.71.72.73
  • Now another network with new range should already created for example Your server should have: 192.168.100.1 and client should get 192.168.100.2 (other IP should still exists)
I have 2 question now:
  1. Can you ping server old IP 70.71.72.73 from client?
  2. Can you ping server new virtual IP 192.168.100.1 from client?
Let me know the result
Jun 3, 2013 at 4:08 PM
Hello,

Thank you for your reply.

My clients can not ping my VPN Server IP 70.71.72.73.
Now IP Address of server 1 is behind server 2.

but theoretically Network of Kerio should be passed thru HTTP Port then my VPN clients connect to my servers thru PPTP.
TIP: Both servers have just one ethernet card. that both are connected to internet thru that ethernet card.
Coordinator
Jun 3, 2013 at 5:26 PM
Dear pejman_view
My clients can not ping my VPN Server IP 70.71.72.73
70.71.72.73 Has been just sampled, I hope you got it, there is no server with 70.71.72.73
So it does not relate to barbatunnel unless you did something horrible such as grab all packets with BarbaTunnel. The server should always get ping before and after vpn connection. Make sure the ping server is running and firewall does not block it.

Why you don't built-in VPN server, look here:
How to setup and configure SSTP VPN tunnel on Windows Server 2008 to share internet traffic?
Jun 3, 2013 at 6:45 PM
Hi,

I just take you an example for 70.71.72.73 as you already as an example said

I configured radius server with an accounting software. My vpn network is working fine.
But my first server has some restrictions behind enterprise firewalls. I would use barba to bypass the restrictions then my users could use vpn with no restrictions.

better say, my first server is a client vpn for second server. and my first server also have some vpn clients. in order to no conflicting . I use kerio vpn on first server to connect server 2. but whenever i connects via kerio vpn client. whole packets get thru barbatunnel. even i can not ping my server.
Coordinator
Jun 3, 2013 at 11:32 PM
What is your GrabProtocol?
Is it happening immediately after you start BarbaTunnel or after you connect the VPN?
Jun 4, 2013 at 3:39 AM
Hello,

After connecting kerio vpn , this is my grab protocol
GrabProtocols=GRE:*,TCP:1723,TCP:443,UDP:443,UDP:1701,TCP:1701,UDP:500,UDP:4500,TCP:4090,UDP:4090
Coordinator
Jun 4, 2013 at 6:29 AM
I asked 2 questions for you but you replied just one.
  1. Can you ping server old IP 70.71.72.73 from client?
  2. Can you ping the server via new virtual IP 192.168.100.1 from client?
You should know after connecting to VPN all packets should go to tunnel EXCEPT the packet that directly going to remote server, it is mandatory to prevent loop back event for VPN tunnel.
By the way I don't know about Keiro, if packet grabbed by BarbaTunnel it should be happen before connecting to VPN too. After you connect to VPN still ping to the server should not be tunneled so it should be pinged too.
Check can you ping the server via new virtual IP 192.168.100.1 from a client? if yes it means you establish a tunnel successfully and have issues from your network config.
Consult with a Network Administrator, I think your have same issue even if your VPN traffic was not filtered.
Cheers