<< | Thread Index | >> ]    [ << | Date Index | >> ]
Subject: cipe configuration and routing question
From: jurquijo,AT,nyso,DOT,org
Date: Fri, 13 Jul 2001 21:08:09 +0200
 
I'm new to cipe and routing, so please bear with me.

I think I've got cipe configured properly and believe it's starting up
properly, but I can't ping a host on one side from a host on the other, or
even ping the internal network on the 2nd cipe machine. I've tried adding
static routes to 192.168.2.0, but none of them have worked. If someone who
knows what they're doing could take a look at my configuration and tell me
if the cipe link is starting correctly (I think it is, based on dmesg
output) and throw some routing hints my way, I'd be VERY grateful.

I've got machines A & B (VPN gateways) and behind them C & D (test
workstations on each of the "internal" networks). Once (if) this goes live,
it will look like this:

Workstation C ------ VPN A ------ ISP / Internet / ISP ---- VPN B ------
Workstation D

For testing purposes, it looks like this:

Workstation C ------ VPN A ------ ethernet hub ---- VPN B ------
Workstation D

Ultimately the goal is for any machine on the local networks at either end
to be able to see any machine on the other.

VPN A:
eth0 - 192.168.1.1 (local network- internal interface)
eth1 - 192.168.100.1 (external interface - will eventually be moved to a
static IP assigned by my ISP)

Workstation C:
192.168.1.100

VPN B:
eth0 - 192.168.2.1 (internal)
eth1 - 192.168.100.2 (external - will get a static, routable IP as above )

Workstation D:
192.168.2.100

VPN A - Kernel IP routing table (this is the default when it boots, doesn't
 show any of the changes I made, which didn't work anyway)
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
192.168.2.1     *               255.255.255.255 UH    0      0        0
cipcb0
192.168.100.0   *               255.255.255.0   U     0      0        0
eth1
192.168.1.0     *               255.255.255.0   U     0      0        0
eth0
127.0.0.0       *               255.0.0.0       U     0      0        0 lo

VPN A /etc/cipe/options.cipcb0:
device    cipcb0
# remote internal (fake) ip address
ptpaddr 192.168.2.1
# my cipe (fake) ip address
ipaddr    192.168.1.1
# my real ip address and cipe port
me   192.168.100.1:1037
# remote real ip address and cipe port
peer 192.168.100.2:1037
# unique 128 bit key
key  b608a161b56a6a3861b3b42734a0d80c

VPN A dmesg cipe-related output:
cipcb: CIPE driver vers 1.4.5 (c) Olaf Titz 1996-2000, 100 channels,
debug=1
cipcb: cipe_alloc_dev 0
cipcb0: alloc
cipcb0: setpar
cipcb0: setpar 0.0.0.0:0 1000 60000 0200 0
cipcb0: setkey
cipcb0: attach
cipcb0: opened
cipcb0: cipe_recvmsg
<< | Thread Index | >> ]    [ << | Date Index | >> ]