<< | Thread Index | >> ]    [ << | Date Index | >> ]


Good luck there is nothing wrong with you CIPE VPN.  You just have to figure
out the routing.

Regards,
Rod Boyce.

 -----Original Message-----
From:   Kurt Roeckx [mailto:Q,AT,ping,DOT,be 
Sent:   Wednesday, September 25, 2002 4:09 PM
To:     Rod Boyce
Cc:     cipe-l,AT,inka,DOT,de
Subject:        Re: Cipe and masquerading.

On Thu, Sep 26, 2002 at 10:06:26AM +1200, Rod Boyce wrote:
> Can you see the packets go across the CIPE connection.  'tcpdump -I cipe0
|
> grep icmp' will show pings going across the cipe network.  If this is the
> case and this works as you describe then.  Your problem is a routing
problem
> and nothing to do with CIPE.  If this is not the case then you still have
a
> CIPE problem this is unlikely.

If I ping 10.0.0.1 (B) from 10.0.1.2 (D), I'm pretty sure the
internet is not going to route it for me.  I also saw the
packets on the cipb0 and ppp0/eth0 interface.

> At least one end has to be listening on a known UDP port otherwise how
does
> the tunnel know where to look in the first instance.

As long as D does not send something to B, B can't send something
to D because of the NAT.  Once D does send something, things work
perfectly.  Although, I'd like to use DNAT for it.

Kurt





<< | Thread Index | >> ]    [ << | Date Index | >> ]