<< | Thread Index | >> ]    [ << | Date Index | >> ]

Subject: Re: cipe-Win32 (2.0-pre15) and ARP requests...
From: Rod Boyce <rod_boyce,AT,stratexnet,DOT,com>
Date: Mon, 24 Mar 2003 01:09:42 +0100
In-reply-to: <004801c2f194$944ad060$0a02a8c0@notebook2>

This is a routing issue plain and simple.  If you can ping the peers IP 
address then you are looking at a routing issue.
I suppect the reason why you cannot ping other hosts on the same subnet is 
that you should not be doing it the way you described.  
The IP addresses for the tunnel must be totally diffrent to the addresses of 
the rest of teh network.  Then create routes to the other 
subnets it will start working then.  You have to create returnning routes 
from your lan to the tunneled laptop as well.

Regards,
Rod Boyce.

On Sun, 23 Mar 2003 18:33:15 -0500
"Lawrence Katz" <ljk,AT,larryka,DOT,tzo,DOT,com> wrote:

> Hi,
>  
> I have recently become fed up trying to get IPSEC and PPTP to work from
> my "roaming" notebook to my house due to firewall and NAT issues, so I
> decided to try CIPE.  So far I like it, I was able to get a tunnel up
> and running in no time.  However, I've spent the past day trying to
> figure out why I can't access hosts on the CIPE server's subnet.  I
> think I've narrowed it down to an ARP issue.  I searched the web and the
> list archives for a solution, but I haven't found much related
> information.  Hopefully someone here has seen this....
>  
> Here's my configuration:
>  
> Windows 2000 Notebook
> E-Smith 5.6 (i.e. RedHat 7.3)
> ------------------------------------
> -------------------------------------------
> Peer = <static external address of home network>:6789        Peer =
> 0.0.0.0:9
> PTPAddr = 192.168.0.9 (Have also tried 192.168.2.9)            PTPAddr =
> 192.168.2.10
> Me = 192.168.2.10
> Me = 192.168.0.9:6789 (Have also tried 192.168.2.9)
>  
> maxerr = -1
>  
> dynip = TRUE
>  
> I have a static route of 192.168.0.0/24 via 192.168.2.10 on my notebook,
> and a route to 192.168.2.10/32 via 192.168.0.9 on the default gateway on
> the server side's network.  I can ping the server's PTPAddr of
> 192.168.0.9 from my notebook, but when I try to ping any other address
> on the same subnet as the server, the ping times out.  If I run tcpdump
> on the server side, I do not see the ICMP packets making it through.  If
> I run windump on my notebook, I see ARP requests going out for the IP
> I'm trying to ping, but they never get answered.  I have noticed that
> cipsrvr generates a fake ARP address for the server's PTPAddr.  When I
> manually add an entry with the same MAC address to the ARP table for the
> IP I'm trying to ping, I can ping and access any of the services on the
> destination host without a problem.  I wrote a batch file to add all of
> the addresses to the ARP table that I might use on the subnet, but I'm
> wondering if I'm missing something in my configuration that would make
> this unnecessary and more elegant.
>  
> Thanks,
> Lawrence
> 





<< | Thread Index | >> ]    [ << | Date Index | >> ]