> My problem is that after a few minutes, the packets from each of the
> machines to the other start being rejected. I assume this has something
> to do with related packets in the firewall rules and I'm wondering if
> setting the ping option for the cipe interfaces will prevent this from
> happening. Has anyone else gotten this to work?
What you describe is like the basic setup, and it works for me as it
does for thousands of others. You do not want any RELATED or ESTABLISHED
rules on your raw cipe UDP traffic. Simply accept it from your peer and
reject any other source (cipe can manage that check as well, but I like
redundancy if it's about security).
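
The filtering the reply describes, as an added example that is not part of the original thread: a shell function that prints stateless iptables rules accepting the cipe UDP carrier only from the peer and rejecting every other source. The peer address, the port and the choice of iptables-restore format are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread: emit an iptables-restore fragment that
# filters the raw CIPE UDP carrier by source address alone (no state match).

# cipe_rules PEER_IP LOCAL_PORT
#   PEER_IP     IPv4 address of the CIPE peer          (assumption)
#   LOCAL_PORT  UDP port the local CIPE end listens on (assumption)
cipe_rules() {
    peer=$1
    port=$2

    # Only digits and dots, so nothing can smuggle extra rule options in.
    case $peer in
        ''|*[!0-9.]*|.*|*.|*..*)
            echo "bad peer address: $peer" >&2; return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $peer            # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "bad peer address: $peer" >&2; return 1; }
    for octet in "$@"; do
        [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] ||
            { echo "bad peer address: $peer" >&2; return 1; }
    done

    case $port in
        ''|*[!0-9]*) echo "bad port: $port" >&2; return 1 ;;
    esac
    [ ${#port} -le 5 ] && [ "$port" -ge 1 ] && [ "$port" -le 65535 ] ||
        { echo "bad port: $port" >&2; return 1; }

    # -I with explicit positions puts both rules ahead of whatever stateful
    # rules the chain already holds, so the carrier never reaches them.
    cat <<EOF
*filter
-I INPUT 1 -p udp -s $peer --dport $port -j ACCEPT
-I INPUT 2 -p udp --dport $port -j REJECT
COMMIT
EOF
}

# Constructed demo values: 192.0.2.10 is a documentation address, 9999 an
# arbitrary port. Output is only printed; nothing is loaded into the kernel.
cipe_rules 192.0.2.10 9999
```

To load the rules, pipe the output to `iptables-restore --noflush` as root on each end, with the other end's address as the peer.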