Hi! I have been working on l2tp on my lab and I wanted to leave a tip here as it took me about a week to finally make it work. I'm not sure if the problem that I faced is specific to the device that I am using, namely cisco 892 router, but here is the tip for those working on l2tp. When you are setting the interface which is used for tunneling the LAN, the one you apply "xconnect", it has to be a WAN interface! I found this very weird and confusing. Why would you want to use WAN interface for tunneling LAN interface🤣. The below link really saved me as the given answer was exactly the one I needed. Without it, I'm probably still working wondering why ping is not working even though that the tunnel is established and everything seems configured correctly. Cisco892で, "WANポート"を使わなければL2TP接続した両端の機器間でPing疎通できない I also used a lot of Switched Port Analyzer(SPAN) for debugging. It's very useful and fun tool for labbing! Below is the topology of my lab after setting up l2tp. I have been interested in benchmarking my networking devices for a while and I am hoping to make a post about it within a next couple week. Anyways, see you in the next post!
Hi! Today, I wanted to share about the things that I have learned by tunneling between Ras Pi and a router through GRE. At first, I was trying GRE on packet tracer but it didn't work for some reason. So I decided to instead work on physical devices which were available at the moment. I will share some of key commands for setting up GRE on Ras Pi. For the router, you will find many resources online for setting up GRE on a cisco router😅.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip tunnel add gre1 mode gre remote 172.168.10.25 local 192.168.233.204 ttl 255
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ ip tunnel list
gre0: gre/ip remote any local any ttl inherit nopmtudisc
gre1: gre/ip remote 172.168.10.25 local 192.168.233.204 ttl 255
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip addr add 10.10.10.1/24 dev gre1
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip link set gre1 up
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip addr add 192.168.233.204/24 dev eth0
The process of setting up GRE is the same for both Ras Pi and a router, only difference is the commands😎. Once done with the above set up, you have to configure the route for both the physical interface connected to the router and the virtual tunnel interface. Below is the route table.
┌──(kali㉿kali-raspberry-pi)-[~]
└─$ sudo ip route
default via 192.168.85.77 dev wlan0 proto dhcp src 192.168.85.76 metric 600
10.10.10.0/24 dev gre1 proto kernel scope link src 10.10.10.1
172.168.10.25 dev eth0 scope link
192.168.85.0/24 dev wlan0 proto kernel scope link src 192.168.85.76 metric 600
192.168.233.0/24 dev eth0 proto kernel scope link src 192.168.233.204
Here 10.10.10.0/24 is the network for the tunnel and 172.168.10.25 is the address of the router's physical interface connected to Ras Pi. When I was working on tunneling yesterday, I couldn't figure out why ping was failing after setting up the tunnel. It was the route info that was missing🤣. See you in the next post!