<HTML ><HEAD ><TITLE >Client: Configure Networking</TITLE ><META NAME="GENERATOR" CONTENT="Modular DocBook HTML Stylesheet Version 1.76b+ "><LINK REL="HOME" TITLE="VPN HOWTO" HREF="index.html"><LINK REL="UP" TITLE="Implementation" HREF="implemenetation.html"><LINK REL="PREVIOUS" TITLE="Client: Build the kernel" HREF="x554.html"><LINK REL="NEXT" TITLE="Client: Configure pppd" HREF="x613.html"></HEAD ><BODY CLASS="sect1" BGCOLOR="#FFFFFF" TEXT="#000000" LINK="#0000FF" VLINK="#840084" ALINK="#0000FF" ><DIV CLASS="NAVHEADER" ><TABLE SUMMARY="Header navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TH COLSPAN="3" ALIGN="center" >VPN HOWTO</TH ></TR ><TR ><TD WIDTH="10%" ALIGN="left" VALIGN="bottom" ><A HREF="x554.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="80%" ALIGN="center" VALIGN="bottom" >Chapter 5. Implementation</TD ><TD WIDTH="10%" ALIGN="right" VALIGN="bottom" ><A HREF="x613.html" ACCESSKEY="N" >Next</A ></TD ></TR ></TABLE ><HR ALIGN="LEFT" WIDTH="100%"></DIV ><DIV CLASS="sect1" ><H1 CLASS="sect1" ><A NAME="AEN590">5.14. Client: Configure Networking</H1 ><P > Now we should setup the networking on our client box. Let's assume that we've configured the external network and that it works. Now we will configure the internal interface of the client to service our intranet. </P ><DIV CLASS="sect2" ><H2 CLASS="sect2" ><A NAME="AEN593">5.14.1. Interface</H2 ><P > We need to first bring up the internal network interface. To do this, add the following to your <TT CLASS="filename" >/etc/rc.d/rc.inet1</TT > (or equivalent) file: </P ><P > For 2.0 Kernels: </P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="screen" > /sbin/ifconfig eth1 192.168.10.253 broadcast 192.168.10.255 netmask 255.255.255.0 /sbin/route add -net 192.168.10.0 netmask 255.255.255.0 dev eth1 </PRE ></FONT ></TD ></TR ></TABLE ><P > For 2.2 Kernels: </P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="screen" > /sbin/ifconfig eth1 192.168.10.253 broadcast 192.168.10.255 netmask 255.255.255.0 </PRE ></FONT ></TD ></TR ></TABLE ></DIV ><DIV CLASS="sect2" ><H2 CLASS="sect2" ><A NAME="AEN601">5.14.2. Filter rules</H2 ><P > To set up the remote office, we will want to set up our filter rules that allow traffic to go both directions through the tunnel. Add the following lines to your <TT CLASS="filename" >/etc/rc.d/rc.inet1</TT > (or equivalent) file: </P ><P > For 2.0 kernels: </P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="screen" > /sbin/ipfwadm -F -f /sbin/ipfwadm -F -p deny /sbin/ipfwadm -F -a accept -b -S 192.168.10.0/24 -D 192.168.0.0/16 </PRE ></FONT ></TD ></TR ></TABLE ><P > For 2.2 kernels: </P ><TABLE BORDER="0" BGCOLOR="#E0E0E0" WIDTH="100%" ><TR ><TD ><FONT COLOR="#000000" ><PRE CLASS="screen" > /sbin/ipchains -F forward /sbin/ipchains -P forward DENY /sbin/ipchains -A forward -j ACCEPT -b -s 192.168.10.0/24 -d 192.168.0.0/16 </PRE ></FONT ></TD ></TR ></TABLE ><P > You may have noticed that these lines look like what we have on the server. That's because they are the same. These rules just say where traffic is allowed to go between these two networks. </P ></DIV ><DIV CLASS="sect2" ><H2 CLASS="sect2" ><A NAME="AEN610">5.14.3. Routing</H2 ><P > The only extra routes that are needed are created by the script that bring the tunnel up. </P ></DIV ></DIV ><DIV CLASS="NAVFOOTER" ><HR ALIGN="LEFT" WIDTH="100%"><TABLE SUMMARY="Footer navigation table" WIDTH="100%" BORDER="0" CELLPADDING="0" CELLSPACING="0" ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" ><A HREF="x554.html" ACCESSKEY="P" >Prev</A ></TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="index.html" ACCESSKEY="H" >Home</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" ><A HREF="x613.html" ACCESSKEY="N" >Next</A ></TD ></TR ><TR ><TD WIDTH="33%" ALIGN="left" VALIGN="top" >Client: Build the kernel</TD ><TD WIDTH="34%" ALIGN="center" VALIGN="top" ><A HREF="implemenetation.html" ACCESSKEY="U" >Up</A ></TD ><TD WIDTH="33%" ALIGN="right" VALIGN="top" >Client: Configure <B CLASS="command" >pppd</B ></TD ></TR ></TABLE ></DIV ></BODY ></HTML >