<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: [Fwd: cipe build problems]
From: "Kevin Brouelette" <kevin,AT,texum,DOT,com>
Date: Thu, 20 Feb 2003 18:51:05 +0100
In-reply-to: <1045712539.6221.20.camel@h68-146-142-19.localdomain>

Hello,
I was able to run CIPE on stock RH8 using the supplied rpms and the 'neat'
configuration tool from RH.  I reinstalled those test machines when I was done
with the testing so I don't have the config's but here are some things I  did 
to
make it work.  My network looked like this [bogus public ip's used for the
example.] [sorry if it line wraps]

PC on LAN_A                   NAT GW/CipeFW_"right" and it's public IP
My laptop
192.168.50.100/24             192.168.50.1/24<--> 4.3.2.2/27            
<--internet-->
66.75.96.255/27

So I run CIPE on the 'right' gateway that NAT's to LAN A and I run CIPE on my 
laptop from
home.
I config the 'right' gw like this:

device cipcb0
tunnel thru eth0
local port 7777
remote peer 66.75.96.255
remote port 7777
remote virtual address 192.168.60.1
local virtual address     192.168.60.2
secret key 'shhhhhhhh'

Then on my laptop do the inverse of the settings:\
device cipcb0
tunnel thru eth0
local port 7777
remote peer  4.3.2.2
remote port 7777
remote virtual address 192.168.60.2
local virtual address     192.168.60.1
secret key 'shhhhhhhh'

Note: the 'remote virtual address' and the 'local virtual address' could be 
any thing in
the
private IP range outside my 192.168.50.0/24 LAN_A.

Start CIPE on both sides and the tunnel should be up.  Now my laptop needs to 
know
how to get to packets to LAN_A.

route add -net 192.168.50.0 netmask 255.255.255.0 gw dev cipcb0

The laptop can ping 192.168.50.100 and see the apache test webpage running on 
that host.
I don't know about how to translate these setting to the cipe.conf file as RH 
chops the
config's
into a few different files but you can setup a stock box and see where it 
creates them. If
I
remember there are files in /etc/cipe/ and in /etc/sysconfig/network-scripts/

Hope this helps, I spent a few days figuring this out as well.

Kevin Brouelette RHCE
Texum Technologies Inc
www.texum.com

----- Original Message -----
From: "Kim Lux" <lux,AT,diesel-research,DOT,com>
To: <cipe-l,AT,inka,DOT,de>
Sent: Thursday, February 20, 2003 6:13 AM
Subject: Re: [Fwd: cipe build problems]

> I spent the evening trying to build and install CIPE.  It didn't happen
> and I'm pretty frustrated.  I tried with RH8's CIPE and inka's CIPE.
>
> CIPE doesn't look like a very complicated package to install.  It
> doesn't have a lot of dependencies, it doesn't require a lot of special
> libraries, etc.  It shouldn't be that difficult.
>
> I don't mean to put anyone down when I say this, but the documentation
> needs work, or at least it does to be clear to me.  Furthermore, I find
> .textinfo docs to be a pain in the arse because they can't be logically
> printed and I hate viewing docs on line when I've already got 6 windows
> open trying to set things up.  I'd rather have a good man page than a
> textinfo page.  Too many hyperlinks confuse me.
>
> I've taken the liberty of starting to edit and revise the CIPE
> instruction manual.
>
> a) I propose that a version exist that isn't .textinfo.  Maybe PDF ?
>
> b) the thing I found when editing it is that the order that the
> information is presented in jumps around a lot.  We go back and forth
> from compile to load to compile errors to load to...
>
> c) there is almost no correlation between the Redhat CIPE version docs
> and methods and the inka version.  Truthfully, I am not sure the Redhat
> instructions are even workable.
>
> d) there are about 6 critical points in the text that require an
> explanation or example to make clear.  The whole process of making the
> components, loading them and configuring them is really foggy to me.  My
> editing comments will illustrate my point of view.  Furthermore, the
> processes aren't even the same between Redhat and inka.
>
> I'm willing to revise this document, but I need  help as I am a novice
> CIPE user.  I'm willing to share the editing I have done so far.  I'm
> open to listening to any and all input.
>
> Regards,
>
> Kim Lux
> --
> Kim Lux <lux,AT,diesel-research,DOT,com>
>
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive: 
><URL:http://sites.inka.de/~bigred/devel/cipe.html>
>





<< | Thread Index | >> ]    [ << | Date Index | >> ]