<html><head><meta http-equiv="content-type" content="text/html; charset=utf-8"></head><body dir="auto"><div dir="ltr"><meta http-equiv="content-type" content="text/html; charset=utf-8"><br><div dir="ltr"><blockquote type="cite">25 feb. 2020 kl. 07:24 skrev Jan Novak <repcom@gmail.com>:<br><br></blockquote></div><blockquote type="cite"><div dir="ltr"><span>Am 25.02.20 um 07:07 schrieb Peter Libassi:</span><br><blockquote type="cite"><blockquote type="cite"><span>23 feb. 2020 kl. 16:32 skrev Jason A. Donenfeld <Jason@zx2c4.com>:</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>On Sun, Feb 23, 2020 at 2:25 PM Peter Libassi <peter@libassi.se> wrote:</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>Ok, Well even if using another local IP in range 127.0.0.0/8 we can’t be certain we will clash with something else.</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>How about adding a directive for the remote interface address in wg.conf? Like this:</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span># cat /usr/local/etc/wireguard/wg0.conf</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>[Interface]</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>PrivateKey = <-></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>ListenPort = 7777</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>Address = 192.168.2.1/32</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>RemoteAddress = 192.168.2.2</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>[Peer]</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>PublicKey = <-></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>AllowedIPs = 192.168.2.0/24</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>Endpoint = 172.16.0.23:7777</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span># diff /usr/local/bin/wg-quick.org ./wg-quick</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>17a18</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>REMOTE_ADDRESS=""</span><br></blockquote></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>86a88</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>RemoteAddress) REMOTEADDRESS="$value"; continue ;;</span><br></blockquote></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>175c177,181</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>< cmd ifconfig "$INTERFACE" inet "$1" "${1%%/*}" alias</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>---</span><br></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span> if [[ -n $REMOTEADDRESS ]]; then</span><br></blockquote></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span>cmd ifconfig "$INTERFACE" inet "$1" "$REMOTEADDRESS" alias</span><br></blockquote></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span> else</span><br></blockquote></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span> cmd ifconfig "$INTERFACE" inet "$1" "${1%%/*}" alias</span><br></blockquote></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><blockquote type="cite"><span> fi</span><br></blockquote></blockquote></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>This is not a correct fix; we're not going to add a configuration nob</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>to work around FreeBSD network stack gotchas.</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span></span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>Rather, I'd prefer to see all the FreeBSD wg-quick semantics redone</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>around multiple routing tables and marks, much like on Linux, though I</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>don't know if that's possible. Barring that, a proper solution</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>probably involves re-reading the ifconfig man page a few dozen times</span><br></blockquote></blockquote><blockquote type="cite"><blockquote type="cite"><span>to find out how to have interface addresses as we need them.</span><br></blockquote></blockquote><blockquote type="cite"><span>It works perfectly for my single site-2-site use case. You have two options as I see it. Either convince the FreeBSD team to drop the dest_address requirement or implement local/remote address awareness per [Peer] in the wg-quick script.</span><br></blockquote><blockquote type="cite"><span></span><br></blockquote><span></span><br><span>Hi Peter,</span><br><span></span><br><span>Can you show me an example for "... implement local/remote address awareness per [Peer] in the wg-quick script... "</span><br><span></span><br><span></span><br><span>Bfo</span><br><span></span><br><span></span><br><span></span><br></div></blockquote>Here is one way to do it:<div><br><div><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">root@vpn1:~ # cat /usr/local/etc/wireguard/wg0.conf<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[Interface]<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> PrivateKey = <-><o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> ListenPort = 7777<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[Peer]<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> PublicKey = <-><o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> LinkAddress = 10.0.0.1/10.0.0.2<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> Endpoint = 192.168.59.155:7777<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> AllowedIPs = 10.0.0.2/32<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[Peer]<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> PublicKey = <-><o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> LinkAddress = 10.1.1.1/10.1.1.2<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> Endpoint = 192.168.58.155:7777<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> AllowedIPs = 10.1.1.2/32<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">$ diff /usr/local/bin/wg-quick wg-quick<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">16a17<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> LADDRESSES=( )<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">63c64<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">< local interface_section=0 line key value stripped path<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">---<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> local interface_section=0 peer_section=0 line key value stripped path<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">95a97,102<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> [[ $key == "[Peer]" ]] && peer_section=1<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> if [[ $peer_section -eq 1 ]]; then<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> case "$key" in<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> LinkAddress) LADDRESSES+=( ${value//,/ } ); continue ;;<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> esac<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> fi<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">175c182<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">< cmd ifconfig "$INTERFACE" inet "$1" "${1%%/*}" alias<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">---<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> cmd ifconfig "$INTERFACE" inet "${1%/*}/32" "${1#*/}" alias<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">419c426<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">< for i in "${ADDRESSES[@]}"; do<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">---<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">> for i in "${LADDRESSES[@]}"; do<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">root@vpn1:~ # /home/peter/wg-quick up wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] wireguard-go wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">INFO: (wg0) 2020/02/25 13:49:54 Starting wireguard-go version 0.0.20200121<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] wg setconf wg0 /tmp/tmp.vXURfmKj/sh-np.pCIWwG<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] ifconfig wg0 inet 10.0.0.1/32 10.0.0.2 alias<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] ifconfig wg0 inet 10.1.1.1/32 10.1.1.2 alias<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] ifconfig wg0 mtu 1420<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] ifconfig wg0 up<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] route -q -n add -inet 10.1.1.2/32 -interface wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[#] route -q -n add -inet 10.0.0.2/32 -interface wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">[+] Backgrounding route monitor<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">root@vpn1:~ # ifconfig wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">wg0: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> metric 0 mtu 1420<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> options=80000<LINKSTATE><o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> inet 10.0.0.1 --> 10.0.0.2 netmask 0xffffffff<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> inet 10.1.1.1 --> 10.1.1.2 netmask 0xffffffff<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> groups: tun<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> nd6 options=101<PERFORMNUD,NO_DAD><o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"> Opened by PID 2033<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">root@VPN1:~ # netstat -rn4<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">Routing tables<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">Internet:<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">Destination Gateway Flags Netif Expire<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">default 192.168.59.2 UGS em0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">10.0.0.1 link#4 UHS lo0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">10.0.0.2 link#4 UH wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">10.0.0.2/32 wg0 US wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">10.1.1.1 link#4 UHS lo0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">10.1.1.2 link#4 UH wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">10.1.1.2/32 wg0 US wg0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">127.0.0.1 link#3 UH lo0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">192.168.59.0/24 link#1 U em0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">192.168.59.154 link#1 UHS lo0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">192.168.153.0/24 link#2 U em1<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">192.168.153.130 link#2 UHS lo0<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">root@vpn1:~ # ping -c1 10.0.0.1<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">PING 10.0.0.1 (10.0.0.1): 56 data bytes<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">64 bytes from 10.0.0.1: icmp_seq=0 ttl=64 time=0.373 ms<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">--- 10.0.0.1 ping statistics ---<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">1 packets transmitted, 1 packets received, 0.0% packet loss<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">round-trip min/avg/max/stddev = 0.373/0.373/0.373/0.000 ms<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">root@vpn1:~ # ping -c1 10.1.1.1<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">PING 10.1.1.1 (10.1.1.1): 56 data bytes<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">64 bytes from 10.1.1.1: icmp_seq=0 ttl=64 time=0.277 ms<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">--- 10.1.1.1 ping statistics ---<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">1 packets transmitted, 1 packets received, 0.0% packet loss<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;">round-trip min/avg/max/stddev = 0.277/0.277/0.277/0.000 ms<o:p></o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p> </o:p></p><p class="MsoNormal" style="-webkit-text-size-adjust: auto; margin: 0cm 0cm 0.0001pt; font-size: 11pt; font-family: Calibri, sans-serif;"><o:p>/Peter</o:p></p></div></div></div></body></html>