>1) Пришли конфиги
>2) Попробуй отключить шифрование и сжатие шифрование и сжатие работает на втором тунеле - значит и на этом должна работать
конфиги
сервер
[root@bc /usr/local/etc]# cat vtund.conf
options {
port 5000;
syslog daemon;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipfw;
}
default {
compress lzo:9;
speed 0;
}
bc {
pass дер_пароль;
type tun;
proto udp;
encr yes;
keepalive yes;
up {
ifconfig "%% 192.168.0.2 192.168.0.1 netmask 255.255.255.255 mtu 1450 up";
route "add -net 192.168.26.0/24 192.168.0.1";
firewall "add 00050 pass udp from any to any via %%";
firewall "add 00070 pass tcp from any to any via %%";
};
down {
ifconfig "%% down";
route "delete 192.168.26.0/24";
firewall "delete 00050";
firewall "delete 00070";
};
}
gate {
pass дер_пароль;
type tun;
proto udp;
encr yes;
keepalive yes;
up {
ifconfig "%% 192.168.0.2 192.168.0.3 netmask 255.255.255.255 mtu 1450 up";
route "add -net 192.168.20.0/24 192.168.0.3";
firewall "add 00051 pass udp from any to any via %%";
firewall "add 00052 pass tcp from any to any via %%";
};
down {
ifconfig "%% down";
route "delete 192.168.20.0/24";
firewall "delete 00051";
firewall "delete 00052";
};
}
клиент
[root@gate /usr/local/etc]# cat vtund.conf
options {
port 5000;
syslog daemon;
ifconfig /sbin/ifconfig;
route /sbin/route;
firewall /sbin/ipfw;
}
default {
compress lzo:9;
speed 0;
}
gate {
passwd дер_пароль;
type tun;
proto udp;
encrypt yes;
keepalive yes;
up {
ifconfig "%d 192.168.0.3 192.168.0.2 netmask 255.255.255.255 mtu 1450 up";
route "add -net 192.168.25.0/24 192.168.0.2";
firewall "add 00051 allow udp from any to any via %%";
firewall "add 00052 allow tcp from any to any via %%";
};
down {
ifconfig "%% down";
route "delete 192.168.25.0/24";
firewall "delete 00051";
firewall "delete 00052";
};
}