<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: CIPE peers ignore each other
From: <trb,AT,eastpac,DOT,com,DOT,au>
Date: Sun, 5 Nov 2000 19:07:30 +0100

I am trying to run CIPE between two machines configured as follows:

hermes: Debian potato, kernel 2.2.17, CIPE 1.3.0

styx: custom firewall setup, kernel 2.0.38, CIPE 1.4.3 (both compiled with
gcc272)

Both are configured to use Blowfish (the default). The keys are identical.

I can get hermes to talk to another Debian box with the same config as hermes,
but I cannot get hermes and styx to talk. When I ping one from the other,
tcpdump shows udp packets being sent, but CIPE on the other peer does not show
any sign of receiving them (I am running ciped with the debug option at each
end, and watching the syslog as well) (BTW how do I ask the CIPE module for
debug info ?). I am running tcpdump on both machines, to make sure that the
firewall rules are not stopping the packets - they are getting through okay.

I did manually add a route for cipcb0 on styx (since this is needed on 2.0.38
kernels). styx can ping itself.

Any ideas about how to track down the problem ?

Is anyone else using the anachronistic combination of kernel 2.0.38 and CIPE
1.4.3 ? (I probably should upgrade the kernel, but there is a lot of 
customised
software that I would need to rebuild, so I would like to keep using 2.0.38,
until I design a replacement firewall).

Any suggestions would be appreciated. The config files are appended below.

Tim

---
# hermes:/etc/cipe/peers/styx :

# hermes.cipenet
ipaddr 10.137.1.4

# styx.cipenet
ptpaddr 10.137.1.10

# me    0.0.0.0:234     # when I get it working
me      192.168.1.4:234

# styx
peer    192.168.1.10:456

device  cipcb0

# no automatic exit on errors
maxerr  -1

key     <deleted>

---
# styx:/etc/cipe/peers/hermes :

# styx.cipenet
ipaddr  10.137.1.10

# hermes.cipenet
ptpaddr 10.137.1.4

me      192.168.1.10:456

# hermes
# peer  0.0.0.0:234     # when I get it working
peer    192.168.1.4:234

device  cipcb0

# no automatic exit on errors
maxerr  -1

key     <deleted>





<< | Thread Index | >> ]    [ << | Date Index | >> ]