<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: cipe-Win32 (2.0-pre15) and ARP requests...
From: "Lawrence Katz" <ljk,AT,larryka,DOT,tzo,DOT,com>
Date: Mon, 24 Mar 2003 00:48:49 +0100


Hi,
?
I have recently become fed up trying to?get 
IPSEC and PPTP to work from my "roaming" notebook to my house due to firewall 
and NAT issues, so I decided to try CIPE.? So far I like it,?I was 
able to get a tunnel up and running in no time.? However, I've spent the 
past day trying to figure out why I can't access hosts on the CIPE server's 
subnet.? I think I've narrowed it down to an ARP issue.? I searched 
the web and the list archives for a solution, but I haven't found much 
related 
information.? Hopefully someone here has seen this....
?
Here's my configuration:
?
Windows 2000 
Notebook??????? ??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
??? ??? E-Smith 5.6 (i.e. RedHat 7.3)
<FONT face=Arial 
size=2>------------------------------------??? ??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
??? ??? ??? 
-------------------------------------------
Peer = <static external address of home 
network>:6789??? ??? Peer = 
0.0.0.0:9
PTPAddr = 192.168.0.9 (Have also tried 
192.168.2.9)??? ??? ??? PTPAddr = 
192.168.2.10
Me = 192.168.2.10??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
??? ???? Me = 192.168.0.9:6789 (Have also 
tried 192.168.2.9)
<FONT face=Arial 
size=2>????????????????????????????????????????????????????????????????????????????????????????maxerr
 
= -1
??? ??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
??? ??? ??? ??? 
dynip = TRUE
?
I have a static route of 192.168.0.0/24 via 
192.168.2.10 on my notebook, and a route to 192.168.2.10/32 via 192.168.0.9 
on 
the default gateway on the server side's network.? I can ping the server's 
PTPAddr of 192.168.0.9 from my notebook, but when I try to ping any other 
address on the same subnet as the server, the ping times out.? If I run 
tcpdump on the server side, I do not see the ICMP packets making it 
through.? If I run windump on my notebook, I see ARP requests going out for 
the IP I'm trying to ping, but they never get answered.? I have noticed 
that cipsrvr generates a fake ARP address for the server's PTPAddr.? When I 
manually add an entry with the same MAC address to the ARP table for the IP 
I'm 
trying to ping, I can ping and access any of the services on the destination 
host?without a problem.? I wrote a 
batch file to add all of the addresses to the ARP table that I might use on 
the 
subnet, but I'm wondering if I'm missing something in my configuration that 
would make this unnecessary and more elegant.
?
Thanks,
Lawrence



<< | Thread Index | >> ]    [ << | Date Index | >> ]