RE: Cipe and masquerading.|
Rod Boyce <rod_boyce,AT,stratexnet,DOT,com>|
Thu, 26 Sep 2002 00:13:57 +0200|
From: Kurt Roeckx [mailto:Q,AT,ping,DOT,be
Sent: Wednesday, September 25, 2002 2:32 PM
To: Rod Boyce
Subject: Re: Cipe and masquerading.
On Thu, Sep 26, 2002 at 08:32:07AM +1200, Rod Boyce wrote:
> Firstly how do you know that the CIPE connection is up?
Because I can ping host D from B, and B from D.
Can you see the packets go across the CIPE connection. 'tcpdump -I cipe0 |
grep icmp' will show pings going across the cipe network. If this is the
case and this works as you describe then. Your problem is a routing problem
and nothing to do with CIPE. If this is not the case then you still have a
CIPE problem this is unlikely.
> Do you have the UDP port that you are running CIPE over port forwarded
> host C to host D? I ask this question because you say host D is running
> CIPE but host C is the gateway for that network. This being the case you
> have to have the UPD port that CIPE is running over forwarded from host C
> host D.
Atm not because the UDP port changes all the time. That's
probably because I use pkcipe. If you set the ping low enough,
below 30 seconds, it keeps working.
At least one end has to be listening on a known UDP port otherwise how does
the tunnel know where to look in the first instance.
If you think the problem is with A?B then maybe you have a routing problem.
I suggest trying a setting up a source route on host A to host D or the
network host D is connect to. This will prove the issue and then all you
need to do is set up the routing correctly.
Hope this helps.