CIPE across firewalls - RH 7.0

[Scott Sharkey <ssharkey,AT,linux-no-limits,DOT,com>]

Hi All,

I have two separate problems which I think I can use CIPE to solve,
and would like some advice about.

First, I have a need to connect two sites that each are behind a 
firewall.  In future, the number of sites interconnected will grow,
with one central "hub" and several outlying branches.  Each independent
site has it's own firewall (not Linux), so I need to configure CIPE
to be passed through the NAT/Firewall.  From looking at the doc's,
I can do this by choosing different ports for each location, and just
port-forwarding through the firewalls.  Is that correct?

There also seems to be an issue with Redhat's RPM'ed CIPE, in that
it doesn't work well for multiple sites simultaneously.  Is that
correct?  I've seen a few sample scripts to fix that in the archives.

Second problem: I have two sites, each running a Linux firewall/NAT,
each of which has a dynamic IP address.  Each site is registered with
dyndns.org, so I can find them by name (svr1.dyndns.org, and
svr2.dyndns.org).  What special precautions do I need to connect these
two lan's using CIPE.  Should CIPE run on the firewall boxes, or on
an internal machine? 

Thanks for any and all advice.  I appreciate it.

-Scott