There are a couple of things that could cause this, but they are not
necessairily linked to the use of cipe.
Check if the reverse hostname of the IP where the FTP-client runs on
exists and is forward-resolvable.
If the FTP-server is also under your control, run a tcpdump on it. It's
possible that it does an ident (port 113/tcp) for your connection, but that
this ident is dropped somewhere. If this is the case, fix your fw rulez
(an ident should never be dropped, it should be accepted or rejected).
On Thu, Jan 17, 2002 at 03:48:12PM -0600, Adam Haeder wrote:
> I've had a cipe vpn in place for almost 2 years. I've had a few
> intermittent problems with ftp, one going on right now. My main "hub" cipe
> system is an older box running cipe-1.3. This box also runs firewalling
> and masquerading for a small network. I've got numerous boxes connected
> to this one over the internet, some cipe-1.3 all the way up to 1.5.2 (with
> the bug-compatible enabled). The problem I'm experiencing is in ftp
> authentication. If I try to ftp to a system over a cipe link (whether the
> systems are 1.3 or 1.5.2), the server's ftp banner comes up after about 30
> seconds, but I don't get a login prompt until almost 3 minutes later. It's
> not a dns issue (all relevent hosts have entries in /etc/hosts on all
> systems) and I've disabled AUTH lookups by the ftp server. Plus there is
> minimal load on the system.
> If I ftp straight into a machine (not over cipe) I am immediately
> strange is that this has happened 4 or 5 times in the last few years,
> usually happens for about 24 hours, and then goes away. I can't see any
> rhyme or reason to it. All other connections (http, ssh, etc) do not
> experience this problem. Anyone experience anything similar?
> Adam Haeder
> Technical Coordinator, AIM Institute
> (402) 345-5025 x115
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: