<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: James Knott <james.knott,AT,rogers,DOT,com>
Subject: Re: Setting up CIPE on XP
From: Phil Scarratt <fil,AT,draxsen,DOT,com>
Date: Wed, 13 Aug 2003 10:22:57 +1000
Cc: CIPE <cipe-l,AT,inka,DOT,de>
Organization: Draxsen Technologies
References: <3F2E9BCA.9010402@rogers.com> <3F2F0B0F.8010309@draxsen.com> <3F317F12.2060102@rogers.com> <3F31B4EB.6080003@draxsen.com> <3F344E68.1030505@rogers.com> <3F34AFDE.4030009@draxsen.com> <3F384192.3080200@rogers.com> <3F38517F.9090007@draxsen.com> <3F395462.6090808@rogers.com>

It's gotta be something on the XP routing side. Windows routing is a little strange (but then again maybe it's only strange to those who are used to the enlightened Linux way of things).

The route is automatically added by windows because of the CIPE adapter TCP settings. In other words, windows assumes that if an adapter has an address w.x.y.z, then the network (regardless of whether there is any other machines connected or even a cable plugged in) connected to that adapter is w.x.y.0 (which is a reasonable assumption I guess). Also, from a TCP/IP point of view, the CIPE tunnel is a LAN in it's own right - hence and form a network.

Try connecting without the route add command in the Startup Script. It should not be necessary. The automatic windows route should be sufficient to get to and in fact Windows may be getting confused (which it quite often does :) )


James Knott wrote:
My home lan is The firewall cipe address is and the notebook is There is no remote lan. The notebook is assigned an address, when it connects to the ISP.

This combo works in Linux. I'm also curious about that route, when there is no lan. There's only the 2 vpn end points with a 192.168.2.x address.

Phil Scarratt wrote:

What is the LAN IP range for the network the firewall is on? Is it If so, when I originally installed on Windows (2k - not sure if XP had the same problem) I HAD to choose ip addresses for the CIPE link that were not part of either ends LAN range. EG:
Choosing .1.0 or .2.0 for CIPE_A-B didn't work for some complicated reason which I cannot remember.

James Knott wrote:

Atfer getting nowhere fast, I reinstalled the CIPE drivers.

I've configured the VPN as follows.

Local IP address Port 6969
Peer IP Address <real host name> Port 6969
Local PTP Address
Peer PTP Address
Status Enabled
Cipher NONE
Startup Script route add

route print shows

C:\Documents and Settings\jknott>route print

Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 00 e2 8a 26 aa ...... Intel(R) PRO/100 VE Network Connection - Packe
Scheduler Miniport
0x3 ...00 20 e0 8a a6 ce ...... IBM High Rate Wireless LAN MiniPCI Combo Card
Packet Scheduler Miniport
0x4 ...08 00 58 00 00 01 ...... CIPE VPN Adapter - Packet Scheduler Miniport
0x20006 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface


Active Routes:
Network Destination Netmask Gateway Interface Metric 21 1 1 20 20 20 30 1 30 30 1 50 50 20 30 1 1 3 1 1
Default Gateway:

Persistent Routes:

After all this, I can ping the notebook end, but not the firewall end. Also, I don't see any indication of data going through the VPN.

-- Phil Scarratt Draxsen Technologies IT Contractor/Consultant 0403 53 12 71

<< | Thread Index | >> ]    [ << | Date Index | >> ]