<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: CIPE Config question
From: Phil Barbier <p.barbier,AT,online-bills,DOT,com>
Date: Tue, 28 Aug 2001 17:46:23 +0200
Title: CIPE Config question





I've set CIPE up and working (link is present anyway) but have a few queries 
- when trying from one end to access the other end (just accessing a simple 
web page for example) I can sniff the http packets and they appear 
un-encrypted...

I have all (ping, http, etc. etc.) connectivity between one client machine 
(192.168.20.35 on one side, through to 192.168.40.111 on the other) the IPs 
don't really matter, as it is all fully internal at this stage, as I am 
trying to get it working first.

As far as I know, the CIPE link (192.168.30.*) should be encrypted an be 
unable to be sniffed with any readable packets, however I can sniff the icmp 
requests and the http requests (ie, http headers sent out to the copy of PWS 
running on one of the client machines 20.35) from the IE on the other end 
(40.111) quite clearly, which isn't really what I expected.

I will include all the config stuff, so that you can maybe see and advise 
where I am wrong...


This is one CIPE machine, on one end...


[root@tess /root]# route -n
Kernel IP routing table
Destination???? Gateway???????? Genmask???????? Flags Metric Ref??? Use Iface
192.168.30.27?? 0.0.0.0???????? 255.255.255.255 UH??? 0????? 0??????? 0 cipcb0
192.168.20.0??? 0.0.0.0???????? 255.255.255.0?? U???? 0????? 0??????? 0 eth1
213.130.129.0?? 0.0.0.0???????? 255.255.255.0?? U???? 0????? 0??????? 0 eth0
192.168.40.0??? 192.168.30.179? 255.255.255.0?? UG??? 0????? 0??????? 0 cipcb0
127.0.0.0?????? 0.0.0.0???????? 255.0.0.0?????? U???? 0????? 0??????? 0 lo
[root@tess /root]# ifconfig
cipcb0??? Link encap:IPIP Tunnel? HWaddr
????????? inet addr:192.168.30.179? P-t-P:192.168.30.27? Mask:255.255.255.255
????????? UP POINTOPOINT RUNNING NOARP? MTU:1442? Metric:1
????????? RX packets:26 errors:3 dropped:0 overruns:0 frame:3
????????? TX packets:19 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:0 txqueuelen:100


eth0????? Link encap:Ethernet? HWaddr 00:E0:7D:7C:C2:6D
????????? inet addr:213.130.129.179? Bcast:213.130.129.255? Mask:255.255.255.0
????????? UP BROADCAST RUNNING MULTICAST? MTU:1500? Metric:1
????????? RX packets:5959 errors:0 dropped:0 overruns:0 frame:0
????????? TX packets:8556 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:21 txqueuelen:100
????????? Interrupt:10


eth1????? Link encap:Ethernet? HWaddr 00:E0:7D:7C:C2:6C
????????? inet addr:192.168.20.28? Bcast:192.168.20.255? Mask:255.255.255.0
????????? UP BROADCAST RUNNING MULTICAST? MTU:1500? Metric:1
????????? RX packets:30028 errors:0 dropped:0 overruns:0 frame:0
????????? TX packets:8093 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:0 txqueuelen:100
????????? Interrupt:11 Base address:0x2000


lo??????? Link encap:Local Loopback
????????? inet addr:127.0.0.1? Mask:255.0.0.0
????????? UP LOOPBACK RUNNING? MTU:16436? Metric:1
????????? RX packets:226 errors:0 dropped:0 overruns:0 frame:0
????????? TX packets:226 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:0 txqueuelen:0


[root@tess /root]# cat /etc/cipe/options
ptpaddr???????? 192.168.30.27
ipaddr????????? 192.168.30.179
me????????????? 213.130.129.179:6779
peer??????????? 213.130.129.27:6779
key???????????? xxxxxxxxxxxxxxxxxxxxxxxxxxxx
maxerr????????? -1
[root@tess /root]#


And this is the other on the other end....


[root@flic /root]# route -n
Kernel IP routing table
Destination???? Gateway???????? Genmask???????? Flags Metric Ref??? Use Iface
192.168.30.179? 0.0.0.0???????? 255.255.255.255 UH??? 0????? 0??????? 0 cipcb0
192.168.20.0??? 192.168.30.27?? 255.255.255.0?? UG??? 0????? 0??????? 0 cipcb0
213.130.129.0?? 0.0.0.0???????? 255.255.255.0?? U???? 0????? 0??????? 0 eth1
192.168.40.0??? 0.0.0.0???????? 255.255.255.0?? U???? 0????? 0??????? 0 eth0
127.0.0.0?????? 0.0.0.0???????? 255.0.0.0?????? U???? 0????? 0??????? 0 lo
[root@flic /root]# ifconfig
cipcb0??? Link encap:IPIP Tunnel? HWaddr
????????? inet addr:192.168.30.27? P-t-P:192.168.30.179? Mask:255.255.255.255
????????? UP POINTOPOINT RUNNING NOARP? MTU:1442? Metric:1
????????? RX packets:15 errors:0 dropped:0 overruns:0 frame:0
????????? TX packets:23 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:0 txqueuelen:100


eth0????? Link encap:Ethernet? HWaddr 00:C0:DF:07:54:9A
????????? inet addr:192.168.40.27? Bcast:192.168.40.255? Mask:255.255.255.0
????????? UP BROADCAST RUNNING MULTICAST? MTU:1500? Metric:1
????????? RX packets:262 errors:0 dropped:0 overruns:0 frame:0
????????? TX packets:108 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:0 txqueuelen:100
????????? Interrupt:12


eth1????? Link encap:Ethernet? HWaddr 00:E0:7D:7C:C2:77
????????? inet addr:213.130.129.27? Bcast:213.130.129.255? Mask:255.255.255.0
????????? UP BROADCAST RUNNING MULTICAST? MTU:1500? Metric:1
????????? RX packets:3225 errors:0 dropped:0 overruns:0 frame:0
????????? TX packets:2096 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:4 txqueuelen:100
????????? Interrupt:5 Base address:0x2000


lo??????? Link encap:Local Loopback
????????? inet addr:127.0.0.1? Mask:255.0.0.0
????????? UP LOOPBACK RUNNING? MTU:16436? Metric:1
????????? RX packets:10 errors:0 dropped:0 overruns:0 frame:0
????????? TX packets:10 errors:0 dropped:0 overruns:0 carrier:0
????????? collisions:0 txqueuelen:0


[root@flic /root]# cat /etc/cipe/options
ptpaddr???????? 192.168.30.179
ipaddr????????? 192.168.30.27
me????????????? 213.130.129.27:6779
peer??????????? 213.130.129.179:6779
key???????????? xxxxxxxxxxxxxxxxxxxxxxxxxxxx
#maxerr???????? -1
[root@flic /root]#


I am basically lost here, and would appreciate any help/advice...as we're on 
a deadline (as is everyone) and I've just run out of ideas... :/

Thankyou very much in advance....



Phil.


--
Phil Barbier
Direct Line + 44 (0) 1782 384652
Web Developer
Online Bills Ltd 
http://www.online-bills.com/
mailto:p.barbier,AT,online-bills,DOT,com 






<< | Thread Index | >> ]    [ << | Date Index | >> ]