n2n VPN |
![]() |
![]() |
![]() |
Monday, 14 September 2009 00:00 |
New package for Layer 2 Peer-to-Peer VPN was added in Switchfin. It opens series of new features of an encrypted (twofish based) speech communication. In addition it can simplify the network configuration in case the PBX is behind symmetric or asymmetric NAT. To confirm the basic functionality I have done a simple test. Let me describe it here.
For establishing of the simplest possible VPN tunnel apart of the two communicating Edge Nodes one extra Super Node is needed. Initial tests was done using three BR4-Appliances manufactured by SwitchVoice Ltd . An example is shown below. The prompts of the BR4-Appliane devices was annotated so it is clear where the specific command is executed. Let’s start the Supernode service on one of the BR4-Appliance. The IP of this Appliance is 192.168.1.99 and the Supernode service is listening on TCP/UDP port 20. For this simple test all of the Appliances are in the local network. In reality Edge Nodes should have connectivity to the listening port of the Supernode root@br4_supernode:~> supernode -l 20 Let’s start creating the VPN network. root@br4_edgenode1:~> edge -a 10.1.2.1 -c mynetwork -k encryptme -l 192.168.1.99:20 & In the edge command above mynetwork is the name of the created VPN nethwork and encryptme is the encryption key associated with this Edge Node. New virtual Ethernet interface edge0 is created. root@br4_edgenode1:~> ifconfig eth0 Link encap:Ethernet HWaddr 00:09:45:56:21:A0 lo Link encap:Local Loopback Lets do the same for the second Edge Node but this time will give different VPN IP address 10.1.2.2 Now we can ping one of the Edge Node from the other through the new VPN tunnel, and vice versa. root@br4_edgenode1:~> ping 10.1.2.2 root@br4_edgenode2:~> ping 10.1.2.1 The new package can be used for easy creation of a secure voice channels. Dimitar Penev |