Re: cipe configuration and routing question|
Sat, 14 Jul 2001 16:10:26 +0200|
This make perfect sense! Thanks for the clarification. I'll give it a shot
when I get back to work.
Peter van den Heuvel <peter,AT,asylum,DOT,xs4all,DOT,nl> on 07/14/2001
To: Julian Urquijo/NYSO/US, cipe-l,AT,inka,DOT,de
Subject: Re: cipe configuration and routing question
> VPN A:
> eth0 - 192.168.1.1 (local network- internal interface)
> eth1 - 192.168.100.1 (external interface - will eventually be moved to a
> static IP assigned by my ISP)
> VPN A /etc/cipe/options.cipcb0:
> device cipcb0
> # remote internal (fake) ip address
> ptpaddr 192.168.2.1
> # my cipe (fake) ip address
> ipaddr 192.168.1.1
> # my real ip address and cipe port
> me 192.168.100.1:1037
> # remote real ip address and cipe port
> peer 192.168.100.2:1037
> # unique 128 bit key
> key b608a161b56a6a3861b3b42734a0d80c
Oops! VPN-A has 3 network interfaces (like B): eth0, eth1 and cipcb0.
You just gave the eth0 and cipcb0 interfaces with the same IP address.
Look at it as if you have 4 networks: private on A, private on B, the
Internet and your (point-to-point) cipe network. You could (example)
allocate 192.168.254.0 to cipe, using IP's in pairs. Routing is between
the cipe interface and the ethernet card.
So, cipe on A gets ...254.0 and cipe on B get ...254.1. Next make sure
these appear as host addresses (netmask 255.255.255.255) in the routing
table. Then add your static routes to the ...1.0 (gw ...254.0) on B and
...2.0 (gw ...254.1) on A.
Also, (must admit, forgot it myself more then once :( enable routing
with echo 1 >/proc/sys/net/ipv4/ip_forward and start without any form of
That should get you going.