<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: Frame errors with Cipe-Win32
From: Ville Voipio <vvoipio,AT,cc,DOT,hut,DOT,fi>
Date: Fri, 3 Nov 2000 23:17:59 +0100
In-reply-to: <200011031059360011.1D90964A@mail-server>

Damion,

Thank you for your quick reply.

> There is a known "issue" between Cipe-Win32 and Cipe 1.4.x. I don't know
> what happened, but I think that a field changed position in the UDP frame.
> It's only been reported to me 10 days or so ago. I don't have a Cipe 1.4.3
> box setup and I'm currently rewriting Cipe-Win32. If you use Cipe 1.3.x,
> everything will work fine.

In case you are referring to Chris's Problem [Re: Cipe for Windows], there
are certain differences. In my case the Linux box does not answer
anything. It does not even try to exchange keys. If you need broken UDP
frames, I have some on my hard disk as hex dumps. I can send them along
with the key, if it is of any help!

Anyway, we tried the 1.3.0 version for Linux. It does not work either, but
the symptoms are different, almost promising:

- Key exchange goes nicely without any problems.
- Tunnel seems to be up
- Cannot ping either way through the tunnel

If I ping the NT machine (from the Linux box), an icmp-echo-request is
sent from the cipcb0 interface. A UDP packet is sent out from the ethernet
connection. The answer never arrives. A lot of NetBios messages from the
NT machine are received by the Linux box.

If I ping the Linux box from the NT machine, the Linux box receives an
icmp-echo-request and replies with an icmp-echo-reply. BUT, the NT machine
never receives the reply.

Pinging between the two computer works fine outside of Cipe.

As far as I have understood, this little test implies:

1. There is no "physical" obstacles between the computers, as the keys can
be exchanged. Both computers can access each others' UDP ports.

2. The NT machine is deaf, it does not receive anything from the Linux box
over Cipe.

---

This looks like an internal problem in Windows NT (routing or something
like that). It just popped into my mind that also Chris (who had problems
with CIPE-1.4.3) seems to have Windows NT 4.0 Service Pack 6a with 128-bit
encryption. Could it be that this specific SP level causes odd phenomena?

I'll take a closer look at what the NT kernel driver thinks about all this
as soon as I get DebugView installed.

Thanks for your help!

- Ville





<< | Thread Index | >> ]    [ << | Date Index | >> ]