<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Cipe connection problems.
From: ewheeler,AT,kaico,DOT,com
Date: Wed, 20 Jun 2001 02:03:32 +0200
In-reply-to: <3B2F14CB.5040802@freealter.com>

I've seen this problem kicking arround the mail-list lately, so...

To all who have problems with cipe after using iptables for firewall rules
and/or SNAT but not before:

  I had this problem for a little while until I figured out what happens.  

If you have the following:
 iptables -t nat -A POSTROUTING -j SNAT --to-source Z.Z.Z.Z

Then ALL packets routed through the linux box have their source port
mangled.  This includes cipcbX, pppX, ethX, slX, ...etc...

So, here's what you need to do:

If your destination network for your cipe link is, add this

iptables -t nat -I POSTROUTING 1 -d -j RETURN

This will make your linux box stop mangling the source port on packets
destined for  Therefore your local network can still use
SNAT to allow several systems on the internet through one IP and you can
also route to your remote networks over CIPE!


<< | Thread Index | >> ]    [ << | Date Index | >> ]