<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: RE: options config...
From: SBNelson,AT,thermeon,DOT,com
Date: Wed, 12 Feb 2003 15:45:45 +0100

> Linux A--------NAT/Firewall---| Internet |-----------Linux B
> 
> 
> Right now I can ping B from A.  However I'm getting 
> 
> ciped-cb[5895]: kxchg: recv: Connection refused
> kernel: cipcb0: cipe_recvmsg
> 
> when I try to ping A from B.
> 
> My questions are:
> 
> 1) In the options file on Linux A, what should be "me"?
        0.0.0.0:999
> 2) In the options file on Linux B, what should be "peer"?
        0.0.0.0:999
> 3) What protocols/ports should be open on the NAT/Firewall?
        UDP for the port number(s) you chose, in my example, 999.

        Note that Linux A will need to start the communication because only
the firewall knows the true IP address that Linux B can use to send CIPE
packets too.  Once Linux B gets a packet with the correct key, it will then
use that IP address to communicate with Linux A.

        Of course, if you have static IP addresses or ports you can assign,
then you can use those.  For instance, if the NAT/Firewall has a static IP
address, you can use port forwarding to forward, say, port 999 to Linux A.
Then you can use the IP address of the firewall with port 999 for Linux B's
peer setting:   1.2.3.4:999.





<< | Thread Index | >> ]    [ << | Date Index | >> ]