<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: Phil Scarratt <fil,AT,draxsen,DOT,com>
Subject: Re: Setting up CIPE on XP
From: James Knott <james.knott,AT,rogers,DOT,com>
Date: Tue, 12 Aug 2003 20:33:10 -0400
Cc: CIPE <cipe-l,AT,inka,DOT,de>
In-reply-to: <3F3984E1.9000308@draxsen.com>
References: <3F2E9BCA.9010402@rogers.com> <3F2F0B0F.8010309@draxsen.com> <3F317F12.2060102@rogers.com> <3F31B4EB.6080003@draxsen.com> <3F344E68.1030505@rogers.com> <3F34AFDE.4030009@draxsen.com> <3F384192.3080200@rogers.com> <3F38517F.9090007@draxsen.com> <3F395462.6090808@rogers.com> <3F3984E1.9000308@draxsen.com>

Phil Scarratt wrote:
It's gotta be something on the XP routing side. Windows routing is a little strange (but then again maybe it's only strange to those who are used to the enlightened Linux way of things).

There's plenty strange in the way Billy G. does things. ;-)

The route is automatically added by windows because of the CIPE adapter TCP settings. In other words, windows assumes that if an adapter has an address w.x.y.z, then the network (regardless of whether there is any other machines connected or even a cable plugged in) connected to that adapter is w.x.y.0 (which is a reasonable assumption I guess). Also, from a TCP/IP point of view, the CIPE tunnel is a LAN in it's own right - hence and form a network.

Try connecting without the route add command in the Startup Script. It should not be necessary. The automatic windows route should be sufficient to get to and in fact Windows may be getting confused (which it quite often does :) )

Removing that makes no difference. I had tried it before and again now.
I can ping, but not and I don't see any traffic. I'll have to get Ethereal for Windows and see if it shows anything.



James Knott wrote:

My home lan is The firewall cipe address is and the notebook is There is no remote lan. The notebook is assigned an address, when it connects to the ISP.

This combo works in Linux. I'm also curious about that route, when there is no lan. There's only the 2 vpn end points with a 192.168.2.x address.

Phil Scarratt wrote:

What is the LAN IP range for the network the firewall is on? Is it If so, when I originally installed on Windows (2k - not sure if XP had the same problem) I HAD to choose ip addresses for the CIPE link that were not part of either ends LAN range. EG:
Choosing .1.0 or .2.0 for CIPE_A-B didn't work for some complicated reason which I cannot remember.

James Knott wrote:

Atfer getting nowhere fast, I reinstalled the CIPE drivers.

I've configured the VPN as follows.

Local IP address Port 6969
Peer IP Address <real host name> Port 6969
Local PTP Address
Peer PTP Address
Status Enabled
Cipher NONE
Startup Script route add

route print shows

C:\Documents and Settings\jknott>route print

Interface List
0x1 ........................... MS TCP Loopback interface
0x2 ...00 00 e2 8a 26 aa ...... Intel(R) PRO/100 VE Network Connection - Packe
Scheduler Miniport
0x3 ...00 20 e0 8a a6 ce ...... IBM High Rate Wireless LAN MiniPCI Combo Card
Packet Scheduler Miniport
0x4 ...08 00 58 00 00 01 ...... CIPE VPN Adapter - Packet Scheduler Miniport
0x20006 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface


Active Routes:
Network Destination Netmask Gateway Interface Metric 21 1 1 20 20 20 30 1 30 30 1 50 50 20 30 1 1 3 1 1
Default Gateway:

Persistent Routes:

After all this, I can ping the notebook end, but not the firewall end. Also, I don't see any indication of data going through the VPN.

<< | Thread Index | >> ]    [ << | Date Index | >> ]