FANDOM


back to http://scratchpad.wikia.com/wiki/Sasecurity

TableOfContents

* HostOutages
* HostMapping1
* VpnIntermeshTunnels
* HostMapAndTcpDump
* HostAndPortMapping

Hostmapping and StaticIp Edit

See BroadUnblock


Hostmapping and StaticIp Edit

See UnblockNode

MAKE CLIENT IP ADRESS STATIC. StaticIp Make a client meshbox static for purpose such HostMapping a WAN address to it.

Two routes to a gateway Edit

{{{ What happens when there are two equi-distant routes to a gateway? Is it fairly new? If so the reason I can't find it would it be cos were on b25 build 7X (I think)? I take it if you lock to Gateway it stays locked even if that gateway goes down? Or will it search somewhere else of that gateway fails?

you'll probably see some route flap as conditions change over time. For situations where this is a problem (e.g. host mapping), use the "lock to gateway" or "prefer gateway" function.

==========

If a repeater has a route to gateway A at 3 hops distant, and another route to gateway B also at 3 hops, which one will be used for the repeater's default route? Does AODV/MeshAP use something like signal strength as a tiebreaker? Or is it random?

==============================

I have had to do something not too dissimilar with a bus information system, where they wanted to control the remote PC's within the mesh. If you are on Skype, you are welcome to give me a call - jonathan_roper - we can post back the success story back to the list once we get it working.

   I'm finally getting an idea of what is wanted with the network that has
   been installed here on the motorway.  However, I am not sure that we can
   offer what is being requested. Let me see if I can express this:
   There are 28 meshboxes installed over about 10 miles of road above
   variable speed limit signs.  The internet arrives at various points
   using fibre across the network, giving us 6 gateways.
   At the moment each gateway has a public internet address given by dhcp.
   On the same switch is a server, with a static address of 10.1.44.101
   On each ethernet port of the mesh nodes sit something called a PLC,
   which I haven't quite worked out - but I think is part of the sign
   mechanism.  These have static addresses in the same range as the server.
   They need to be able to chat with the server, and the server needs to be
   able to see them. At the moment this is not allowed.
   How is the best way to make this happen?  I am not sure if we can get to
   these PLC's to change their addresses as they're installed on a motorway
   which, for obvious reasons, is difficult to get to.
   Is host mapping the best way to go?  I know we can kick 10.1.44.18, for
   example, to a computer on node 15 say, but if that node thinks it is
   already that address is that going to work, or does it have to be in the
   same range as the meshbox?  Can you reverse hostmap too, so that the PLC
   can see what it thinks is it's server.  The effect we need is as if all
   the boxes were plugged into the same switch?
   Is there a way to change the eth address from 192.168.x.x to 10.1.44.x
   on the meshboxes and then switch on cross mesh networking?
=========

}}}


Edit me Edit

{{{ >can you just check these settings and tell me what I am doing wrong, I have >followed the wiki and your instructions but still will not work. > >Gateway router. >82.xxx.xxx.188 DMZ to 192.168.1.24 (works) > > >Gateway Node. >HOSTREMAP2:192.168.1.24 151 1.200.xxx.65 (works great to the remote node, >can access the remote via the external address)

You want to set up the hostmap as follows on the gateway node: HOSTREMAP2:192.168.1.24 151 192.168.1.220 But one possible problem is that you are using the 192.168.1.0 network as the wired interface on both meshboxes. It would be easier if you were to change the wired.local interface of the remote node to 2.2

In which case you would put in: HOSTREMAP2:192.168.1.24 151 192.168.2.220 The way this works is that you are already saying to the gateway node that you want traffic to the remote node, because that is where the remote tunnel is pointing to. The IP address should be that of the server you are connecting to once you have reached the remote node.

>Remote Node host map. >192.168.1.24 192.168.1.220 (not working) do I need the include the remote >node cell ID fro Ethernet customers? You don't need this one setting up.

> >Remote Node port map. >PORTREMAP1:tun:8080 192.168.1.220:8080 (not working) >PORTREMAP2:tun:1723 192.168.1.220:1723 (not working) >PORTREMAP3:tun:5800 192.168.1.220:5800 (not working)

This works OK on one of my nodes:

PORTREMAP2:tun:80 192.168.2.194:3128 }}}

Adding Hosts to the Mesh Edit

{{{ A couple of things to be wary of when moving a mail server into the mesh but if you do, use host mapping or port mapping.

1. Your server shares the same outgoing IP with all your clients so one infected PC gets your server blacklisted.
2. If you have multiple gateways you have to hack the routes to get it all to work when the node it is on switches gateways.
3. make sure the gateway addresses have PTR records setup or you could run into problems

I would always prefer to have the server on its own IP with correctly setup DNS records but I have run them on Mesh when there is no other choice. We wish to move our mailserver internal to the mesh so as to keep=mail traffic internal. In windows we would add something like this to the hosts file: mailgate.clannet.co.uk 1.78.63.107 (node where the mailserver resides with necessary port forwards= set) Does anyone know the equivalent for the meshbox? }}}


External links Edit

* WebCam

Ad blocker interference detected!


Wikia is a free-to-use site that makes money from advertising. We have a modified experience for viewers using ad blockers

Wikia is not accessible if you’ve made further modifications. Remove the custom ad blocker rule(s) and the page will load as expected.