On the Linux end route add -net <destination network> netmask <netmask> gw 10.200.200.2 And on the Win2k end route add -p <destination network> mask <netmask> 10.200.200.1 My CIPE interfaces are 10.200.200.1 (Linux) and 10.200.200.2 (Windows). > > I hope it is fairly solid - I haven't needed to reboot the > Windows 2000 > advanced server for about 3 months now - but I don't do anything too > major on it - just a file/apache/mysql/radius server... Well, the Win2k end of my link seems to be better in recent times. I believe the box was reinstalled a while back, so I'm wondering whether the problems were all CIPE. Because it's not my box, I have no idea of when it's rebooted, but it has been a fair while since I've had to fiddle with the link. If possible, do a trial connection between a Win2k and a Linux box in a lab setting, before deploying CIPE. Might save racking up too many frequent flyer points. :-) The thing to watch out for is excessively high RTT times when pinging across the CIPE link. If the RTT times get much above normal latency for the underlying connection, then you are having the same problems I had early on. Compare the ping time across the carrier network to those through the tunnel. They should remain the same. It may take several days for problems to become apparent. Push some data through the link, and also take the Linux end down for several hours from time to time, to try and induce problems. If after a few weeks of heavy use and abuse in the lab all is well, you should be right to go live with CIPE. :) As for Linux-Linux, well, that's been rock stable on 2 VPN links I manage (one at home, one at work). > > If it's not too stable I'll have a go at setting up 2 debian > machines - > but I'd rather not have to fly to the other side of Australia, I don't > have the time... That can be a pain. Are you in Perth? I know about the travelling thing, I've made many trips to Sydney myself (I'm in Melbourne). > Is there any other way other than to manually change the > routing tables > for all the clients (using DHCP flags?). There is the static route option in DHCP, but I haven't played with it a lot (had problems getting it working and put it to one side early in the NT days). Win2k DHCP (server) is probably nicer (in terms of setup) in that respect, but I haven't needed that option of late. > > Do you have a static IP for your home net connnection? No, it's dynamic. I use hostnames in the PTP fields and use one of the free DDNS serivces to ensure my hostname points to my current IP address. Once the link is up, CIPE can keep track of any IP changes automatically. Being on cable (Optus), the IP doesn't change that frequently. --- Outgoing mail has been scanned for Viruses Checked by AVG anti-virus system (http://www.grisoft.com). Version: 6.0.404 / Virus Database: 228 - Release Date: 15/10/2002 This correspondence is for the named person?s use only. It may contain confidential or legally privileged information or both. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this correspondence in error, please immediately delete it from your system and notify the sender. You must not disclose, copy or rely on any part of this correspondence if you are not the intended recipient. Any opinions expressed in this message are those of the individual sender.