Le dim, 20/06/2004 à 20:34 +0200, Damien Sandras a écrit : > Le dim, 20/06/2004 à 20:14 +0200, Holger Unterbrink a écrit : > > I haven't looked at the GM srccode, yet, so I don't know how it gets the > > Src IP (which is used in the upper L3 headers). The Cisco VPN client is > > a kernel module that intercepts the network stack in kernel space, afaik > > it's not seen from apps running in userspace or tools like ifconfig etc. > > >From the userspace or common apps, everything like the routing table, > > interfaces, etc are looking as they looked before the VPN was setup. > > In theorie it looks similar to a NAT Gateway outside the box (for me). > > Please correct me if I am wrong, I thought the NAT feature in GM would > > exchange the local IP of the box with the given IP in the NAT dialog in > > all layers above layer 3. So I've no idea why it's not working ? > > That's correct. Looks like a bug of the VPN client to me. It is not > "that transparent" if it doesn't work. Notice that if you run gnomemeeting -d 3 on the remote side you should see the IP used for the RTP traffic. > > > The VPN Client is free and easy to install, if you like to test it on > > your own I can send you a copy and you can dial into my network. > > > > Unfortunately I don't have much time to test it right now, but if > anybody else wants to do it, he is welcome. > > > -holger > > > > Am So, den 20.06.2004 schrieb Damien Sandras um 19:03: > > > Le dim, 20/06/2004 à 17:54 +0200, Holger Unterbrink a écrit : > > > > that was my first idea, too, but it still picks the local IP of eth0. If > > > > you like, I can send you an sniffer trace. > > > > > > > > > > You can but I'm not sure I understand your setup. > > > > > > If you have no virtual interface, does it mean you have 2 IP addresses > > > for eth0? > > > > > > If so there is no reason why IP translation wouldn't work as it working > > > for all users. > > > > > > > > > > Regards > > > > holger > > > > > > > > Am So, den 20.06.2004 schrieb Damien Sandras um 17:44: > > > > > Le dim, 20/06/2004 à 17:30 +0200, Holger Unterbrink a écrit : > > > > > > Hi all, > > > > > > > > > > > > I am using the following setup: > > > > > > > > > > > > > > > > > > LinuxPC1(Gnomemeeting+VPNclient_IPsecVPN)---Inet---Router2---LinuxPC2(Gnomemeeting) > > > > > > > > > > > > > > > > > > On LinuxPC1 I have a Cisco VPN CLient running that dials into the > > > > > > Router2. The Cisco VPNclient does *not* use some kind of virtuel > > > > > > Interface, it just intercepts the network stack. Unfortunatly, it seems > > > > > > to me that gnome meeting just pics the IPaddress from eth0 for it's call > > > > > > setup. The result is that the video stream only works in one direction, > > > > > > cause LinuxPC2 tries to send his UDP video stream to the IP addr of eth0 > > > > > > of LinuxPC1, instead of using the virtuell IP addr. > > > > > > > > > > > > The question: Is there any way to tell Gnomemeeting, not to pic the IP > > > > > > address automatically from the phy. interface ? Is it possible to > > > > > > specify the source IP addr. manually ? If not, could someone point me to > > > > > > the responsibile sourcecode files, which get the IP address for the call > > > > > > setup ? > > > > > > > > > > > > > > > > Yes, you can do that in the "NAT" preferences : > > > > > - enable IP Translation > > > > > - put your IP there > > > > > - disable automatic IP checking > > > > > > > > > > > > > _______________________________________________ > > > > GnomeMeeting-list mailing list > > > > GnomeMeeting-list gnome org > > > > http://mail.gnome.org/mailman/listinfo/gnomemeeting-list > > > > _______________________________________________ > > GnomeMeeting-list mailing list > > GnomeMeeting-list gnome org > > http://mail.gnome.org/mailman/listinfo/gnomemeeting-list > _______________________________________________ > GnomeMeeting-list mailing list > GnomeMeeting-list gnome org > http://mail.gnome.org/mailman/listinfo/gnomemeeting-list -- _ Damien Sandras (o- GnomeMeeting: http://www.gnomemeeting.org/ //\ FOSDEM : http://www.fosdem.org v_/_ H.323 phone : callto:ils.seconix.com/dsandras seconix com
Attachment:
signature.asc
Description: Ceci est une partie de message =?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=