On Mon, 19 Mar 2001 chanlon,AT,amavi,DOT,com wrote:
> My problem is that both machines will talk to the internal
> interface of the other but they can't talk to the internal networks.
> I believe the packets aren't been forwarded to the inside network
then you have a routing and/or firewalling problem.
> The Redhat box has the following details
> Internal network: 192.168.8.0
> External interface: 18.104.22.168
> *note pkcipe (the rest of cipe would compile on this box so I
> compiled it on the Debian box and copied it over. I can provide more
> details but I suspect they will get us side tracked.
> ipchains -F
> a routing table as follows(extra spaces removed)
> Destination Gateway Genmask Flags Metric Ref Use Iface
> 192.168.8.250 * 255.255.255.255 UH 0 0 0 eth1
> 192.168.8.0 * 255.255.255.0 U 0 0 0 eth1
> 22.214.171.124 * 255.255.254.0 U 0 0 0 eth0
> 127.0.0.0 * 255.0.0.0 U 0 0 0 lo
> default 126.96.36.199 0.0.0.0 UG 0 0 0 eth0
where is the route to tell this box how to get the network behind the
remote cipe peer?
you need something very much like:
route add -net 192.168.111.0 netmask 255.255.255.0 \
gw <remote_cipe_ptp_addr> metric 0
route add -net 192.168.111.0 netmask 255.255.255.0 metric 100 reject
same for the other end. you have no route telling the debian box that
192.168.8/24 is reachable via the other end of the cipe tunnel, so you
need corresponding routes as above on your debian box too.
NB: the reject route isn't strictly neccessary, but is needed to make
sure that your box doesn't try to route packets intended for the cipe
tunnel to somewhere else when the cipe tunnel is down.