<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: RE: Cipe using the wrong ports..
From: Daniel Gibbs <d.gibbs,AT,online-bills,DOT,com>
Date: Wed, 10 Jul 2002 14:32:37 +0200
Title: RE: Cipe using the wrong ports..




I've kinda figerd out what the acuall problem is but have no idea how to 
solve this..


Basicly, if I ping from 192.168.50.46 (which is behind the ManC box) to a box 
behind the SoT box, the box trys to ping the origanal (global IP) this 
causing ping not to respond...

13:20:41.949089 cipcb1 < x.x.131.27 > pc035: icmp: echo request
13:20:41.954081 eth1 > x.x.131.27 > pc035: icmp: echo request
13:20:41.954359 eth1 < pc035 > x.x.131.27: icmp: echo reply
13:20:41.954386 eth0 > pc035 > x.x.131.27: icmp: echo reply



line 1 we see cipe drop the packet onto the network
line 2 we see the packet on eth1 seing sent on
line 3 we see the packet on eth1 repying 
line 4 we see the packet on eth0 going to the realworld


something tells me there's some snating somewhere....
Or can any one else see something I've spoted?


cheers
dan


-----Original Message-----
From: Gert.Vandelaer,AT,medisearch-int,DOT,com
[mailto:Gert.Vandelaer,AT,medisearch-int,DOT,com
Sent: 10 July 2002 10:08 AM
To: Daniel Gibbs
Cc: Cipe-L (E-mail); owner-cipe-l,AT,inka,DOT,de; 'Peter van den Heuvel'
Subject: RE: Cipe using the wrong ports..




If one box is not using the cipe device, it sounds to me a routing issue
more than CIPE.
Are you sure that your ip-up scripts is adding the correct route for CIPE
traffic ?


bye,
Gert




??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????? Daniel 
Gibbs??????????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????? <d.gibbs@online-??????? To:???? 'Peter van den Heuvel' 
<peter,AT,bank-connect,DOT,com>??????????????????????????????? 

??????????????????? bills.com>????????????? cc:???? "Cipe-L (E-mail)" 
<cipe-l,AT,inka,DOT,de>???????????????????????????????????????????? 

??????????????????? Sent by:??????????????? Subject:???? RE: Cipe using the 
wrong ports..????????????????????????????????????????? 

??????????????????? 
owner-cipe-l@ink??????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????? 
a.de??????????????????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????? 09/07/2002 
06:01??????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????? 
PM????????????????????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 

??????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????????
 






Hi, I've looked at the Firewalls nither seam to be blocking/nating those
addresses.
Though I've figgured out (after playing with tcpdump) that ManC isn't
sending the Packets though CIPE.


So I'm baffled...
IF only it was simpaly me not adding a rule in the firewall..


Back to the drawing bord then..


Cheers
Dan


ps.. I know but I couldnt be botherd + I had several ppl asking me things
...


-----Original Message-----
From: Peter van den Heuvel [mailto:peter,AT,bank-connect,DOT,com
Sent: 09 July 2002 04:35 PM
Cc: Cipe-L (E-mail)
Subject: Re: Cipe using the wrong ports..


> hi, I'm trying to get cipe working between two sites howver nither
> have been talking to each other..
> I found out that one of the sites seams not to be using the right
> ports.
> Does any one know why this will happend or how to stop it from
> happening.
I would think this is the consequence of NAT (or masquerading). I've run
numerous versions of cipe combined with rather rigerous firewall setups
and never overserved this behaviour otherwise.


Peter


PS. No use to strip the IP's from the config if you leave 'm in the
tcp-dump :>)


--
Message sent by the cipe-l,AT,inka,DOT,de mailing list.
Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
Other commands available with "help" in body to the same address.
CIPE info and list archive: <URL:
http://sites.inka.de/~bigred/devel/cipe.html>








<< | Thread Index | >> ]    [ << | Date Index | >> ]