mazinsaeed
newbie
Topic Author
Posts: 41
Joined: Wed Oct 16, 2013 4:55 pm

Acceptable ip's between different network

Mon Feb 25, 2019 9:10 pm

Dear All

I have my diagram in the attached file.

What I need is:
I have a network 10.9.8.0/24 on the main company site and I have blocked YouTube in this network.

In another company branch, I set up an EoIP tunnel with the main company and I received 10.9.8.50 through the IP DHCP client, so this IP is already blocked from YouTube.
After that, I have a different DHCP network, 10.9.7.0/24, and this network is masqueraded with 10.9.8.50.

So my question is: how do I let a client on the second network, for example 10.9.7.10, pass the YouTube blocking?

Sorry for my bad English, and thank you.
 
christopherh
newbie
Posts: 29
Joined: Sun Feb 24, 2019 7:43 am
Location: Sydney, Australia

Re: Acceptable ip's between different network  [SOLVED]

Wed Feb 27, 2019 2:11 pm

I'm sorry, but the description of your problem and the network diagram don't make sense. Correct me if I am wrong, this is how I deciphered it:

The Problem
The network 10.9.8.0/24 currently has content filtering in place, preventing access to YouTube. Network 10.9.7.0/24 does not have any content filtering in place. You have established an EoIP tunnel between the two sites, and wish to route any traffic destined for YouTube over this EoIP tunnel from the 10.9.8.0/24 network to the 10.9.7.0/24 network.

The DHCP server on the 10.9.8.0/24 has given the 10.9.7.0/24 end of the tunnel a DHCP address of 10.9.8.50. So, any external traffic being routed over the EoIP tunnel is being masqueraded with that .50 address.

You want to know how to allow traffic from the 10.9.8.0/24 network to access YouTube over the EoIP tunnel.

The Solutions
I say solutions because there are a few ways to achieve this.
  • Remove the endpoint IPs from the tunnel, bridge the ends with their respective LANs, so the tunnel acts as a bridge. This will however cause both sites to become one network, sharing the same resources, and all traffic from the remote site to be routed to the local site, and out to the internet.
  • Determine which IPs are being used by YouTube (which is near enough impossible, given the number of public IPs they use). You could look at the Hurricane Electric BGP Toolkit to see what IPs Google are announcing for their YouTube service and then route these IP prefixes over the tunnel so they egress via the 10.9.7.0/24 gateway.
  • If the MT router is the gateway on the 10.9.8.0/24 side which is filtering YouTube, go through the configs and see what is blocking it. Might help to start off with the logs.
  • If there is a legitimate need to access YouTube, instead of just wanting to watch videos at work, talk to the IT dept and see if they can whitelist the domain for specific IPs.
There may be a few other ways, but these are the four that stand out the most.