23 Jun
2016
23 Jun
'16
7:47 a.m.
Found the actual problem!
IPSec VTI VPNs means I can't do source-based NAT/firewall rules to redirect GRE from
the DECnet tunnel IPs to a separate box as is currently configured.
I had to ask the vendor and community for help on this ;)
Dang vyos!
Sent from my iPhone
On Jun 22, 2016, at 21:09, Cory Smelosky <b4 at
gewt.net> wrote:
On Thu, 23 Jun 2016, Tim Sneddon wrote:
Hi Cory,
I've updated my tunnel configuration, but I'm not getting any traffic from your
end. I can ping you though.
Found part of the problem. ;)
mercedes-sj(config)#ip route 0.0.0.0 0.0.0.0 10.12.0.1
Forgot to add that, along with enabling IP routing and setting DECnet on fa0/0.
rule 30 {
action accept
destination {
address 10.12.0.6
}
log disable
protocol gre
}
also pretty sure that's not the EdgeOS way to forward GRE...;)
Regards, Tim.
--
Cory Smelosky
http://gewt.net Personal stuff
http://gimme-sympathy.org Projects