# IPIP Tunnel Support for Windows



## splitice (Sep 11, 2014)

Microsoft Windows does not natively support IPIP (or GRE) Tunnels. This makes Windows Servers more difficult to DDoS protect as Reverse Proxy / Transparent Proxy becomes the only method easily available. 

We at X4B are pleased to announce that this is no longer a limitation. A IPIP (IP-in-IP) userland client is now available bringing support for IPIP as a point-to-point tunnelling protocol. Finally, stateless full packet encapsulation is available on the Platform   

Download: https://www.x4b.net/files/wintunnelcli-1.exe

Licence: All rights reserved. Free for for non-commercial use. For commercial use, contact us possibly for a free licence.
Please respect the months of development spent on this project and respect our reserved right to distribute this software. A more permissive (and possibly open source) licence is coming at a later date.
 

Usage:


wintunnelcli [LocalAddress] [RemoteAddress] [EncapsulatedLocal] [EncapsulatedRemote] [NetworkCIDR] [InnerMTU]

LocalAddress = Address where IPIP packets is to be received
RemoteAddress = Address where IPIP packets are to be addressed
EncapsulatedLocal = Address where encapsulated IP traffic is received (on LocalAddress)
EncapsulatedRemote = Encapsulated Gateway (on RemoteAddress)
NetworkCIDR = The CIDR Range of the Encapsulated Network (Currently only 30 supported)
InnerMTU = Tunnel MTU

More information including requirements and limitations can be found at https://www.x4b.net/kb/WindowsIPIPTunnel

*Please note:* X4B Customers do not use this application, a customized tunnel installer is available from your dashboard including all settings required to create your tunnel.


----------



## splitice (Dec 6, 2014)

Ok I kind of forgot to post an update, so here it is. Full GRE Tunnel support, and a few bug fixes. Its now considered production quality, we and our customers have been running a system with the same core engine in production for months 

*Download:* https://www.x4b.net/files/wintunnelcli-2.exe

*Usage:*



wintunnelcli [LocalAddress] [RemoteAddress] [EncapsulatedLocal] [EncapsulatedRemote] [NetworkCIDR] [InnerMTU] [TunnelType]

LocalAddress = Address where tunnelled packets are to be received
RemoteAddress = Address where tunnelled packets are to be addressed
EncapsulatedLocal = Address where encapsulated IP traffic is received (on LocalAddress)
EncapsulatedRemote = Encapsulated Gateway (on RemoteAddress)
NetworkCIDR = The CIDR Range of the Encapsulated Network (Currently only 30 tested)
InnerMTU = Tunnel MTU
TunnelType = Either "gre" or "ipip"
Licence remains the same for now. A friend with far more C/C++ experience than I volunteered to audit the code, only he hasn't been in country for months. I wont be releasing it open source until it gets audited.

Next when I have some free time: IPSec + GRE/IP-in-IP, it seems daunting now - but the code snippets I have seen don't look *that* bad.  :unsure:


----------



## Hett (Jul 17, 2016)

splitice said:


> Ok I kind of forgot to post an update, so here it is. Full GRE Tunnel support, and a few bug fixes. Its now considered production quality, we and our customers have been running a system with the same core engine in production for months
> 
> 
> *Download:* https://www.x4b.net/files/wintunnelcli-2.exe


----------

