<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: "David A. Osborn" <david.osborn,AT,mchsi,DOT,com>
Subject: Re: Ping problem
From: "Hans Steegers" <hsx,AT,dds,DOT,nl>
Date: Sun, 31 Aug 2003 21:05:38 +0200
Cc: <cipe-l,AT,inka,DOT,de>
Reply-to: "Hans Steegers" <steegers,AT,steegers,DOT,nl>

>Is there a program that does the same thing as tcpdump on
>Win2000?

Yes, Ethereal:
URL's:
http://windump.polito.it/
http://windump.mirror.ethereal.com/
http://www.mirrors.wiretapped.net/security/packet-capture/windump/
You need to install the WinPcap libraries as well.
You will find all the info you need at the above sites.

Hans Steegers

-----Original Message-----
From: David A. Osborn <david.osborn,AT,mchsi,DOT,com>
To: Hans Steegers <steegers,AT,steegers,DOT,nl>
Cc: cipe-l,AT,inka,DOT,de <cipe-l,AT,inka,DOT,de>
Date: Sunday, August 31, 2003 8:51 PM
Subject: Re: Ping problem

>HAHA, yeah you're right with the netmask.  I don't know what I was thinking
>with that.  Is there a program that does the same thing as tcpdump on
>Win2000?  Thats what the .254 box is and I'm not familiar with how to do a
>dump on there.
>
>----- Original Message -----
>From: "Hans Steegers" <hsx,AT,dds,DOT,nl>
>To: "David A. Osborn" <david.osborn,AT,mchsi,DOT,com>
>Cc: <cipe-l,AT,inka,DOT,de>
>Sent: Sunday, August 31, 2003 1:35 PM
>Subject: Re: Ping problem
>
>
>> Does the echo request show up at the interface on .254?
>>
>> Looks to me a routing problem between LAN and the CIPE interface
>> Does .254 know .248 is the gateway to the other LAN?
>> etc. etc.
>>
>> Rules are ok if on the 192.168.1.0 side, except for the netmask, which is
>> obviously strange: shouldn't that be /24 for a class C network?
>> 192.168.1.0/8 specifies a class A range: 192.0.0.0 .. 192.255.255.255
>> Do you use this mask also for your route table? If so, that's your
>problem!
>> [192.168.1.0/8 is identical to 192.168.1.0/255.0.0.0]
>>
>> Hans Steegers
>>
>> -----Original Message-----
>> From: David A. Osborn <david.osborn,AT,mchsi,DOT,com>
>> To: cipe-l,AT,inka,DOT,de <cipe-l,AT,inka,DOT,de>
>> Date: Sunday, August 31, 2003 8:01 PM
>> Subject: Re: Ping problem
>>
>>
>> >Well if I try to ping an ip on my internal network (192.168.1.254) from
>> >192.168.10.1 thru 192.168.1.248 it doesn't make it.  The echo request
>goes
>> >across the VPN fine, and if I do a tcpdump on eth1 of 192.168.1.248
which
>> is
>> >the connection to the LAN the echo request is showing up there, but no
>> >response is coming back.  This would lead me to believe the echo request
>is
>> >not going onto the LAN.  Shouldn't the following iptable rules be
>handling
>> >that though?
>> >
>> >iptables -A FORWARD -i cipcb0 -s 192.168.10.0/8 -d 192.168.1.0/8 -o
>eth1 -j
>> >ACCEPT
>> >iptables -A FORWARD -i eth1 -s 192.168.1.0/8 -d 192.168.10.0/8 -o
>cipcb0 -j
>> >ACCEPT
>> >
>> >
>> >----- Original Message -----
>> >From: "David A. Osborn" <david.osborn,AT,mchsi,DOT,com>
>> >To: <cipe-l,AT,inka,DOT,de>
>> >Sent: Sunday, August 31, 2003 12:14 PM
>> >Subject: Re: Ping problem
>> >
>> >
>> >> Ah you're right.  The culprit was a faulty output rule on
192.168.1.248
>> >box.
>> >> I was allowing output for 192.168.0.0/8 instead of 192.168.0.0/16.
The
>> >ping
>> >> is working fine now between the two machines linked by CIPE. Now I
need
>> to
>> >> figure out why I can't ping the internal network.
>> >>
>> >>
>> >> ----- Original Message -----
>> >> From: "Hans Steegers" <hsx,AT,dds,DOT,nl>
>> >> To: "David A. Osborn" <david.osborn,AT,mchsi,DOT,com>
>> >> Cc: <cipe-l,AT,inka,DOT,de>
>> >> Sent: Sunday, August 31, 2003 11:59 AM
>> >> Subject: Re: Ping problem
>> >>
>> >>
>> >> > Looks like a routing or firewall problem:
>> >> >
>> >> > 192.168.1.248 -> 192.168.10.1: ping reply returns to the local cipe
>> >> > interface but is not seen by the ethernet interface..(?)
>> >> > 192.168.10.1 -> 192.168.1.248: ping request reaches the cipe
>interface
>> >on
>> >> > 248 but reply fails.
>> >> > So, there must be a problem between the cipe interface and the
>ethernet
>> >> > interface on 192.168.1.248, related to routing or the firewall
blocks
>> >ICMP
>> >> > reply packets..
>> >> >
>> >> >
>> >> > Hans Steegers
>> >> >
>> >> > -----Original Message-----
>> >> > From: David A. Osborn <david.osborn,AT,mchsi,DOT,com>
>> >> > To: cipe-l,AT,inka,DOT,de <cipe-l,AT,inka,DOT,de>
>> >> > Date: Sunday, August 31, 2003 6:35 PM
>> >> > Subject: Ping problem
>> >> >
>> >> >
>> >> > I am still having issues getting CIPE working.  It looks like it is
>> >close,
>> >> > but my ping is acting a little weird.  The two machines have Ip
>address
>> >> > 192.168.10.1 and 192.168.1.248, I do a "tcpdump -i cipcb0"  on both
>> >> machines
>> >> > and do a ping and I get the following:
>> >> >
>> >> > ping from 192.168.1.248 to 192.168.10.1:
>> >> > both tcpdumps display:
>> >> > 192.168.1.248 > 192.168.10.1: icmp: echo request (DF)
>> >> > 192.168.10.1 > 192.168.1.248 icmp: echo reply
>> >> >
>> >> > This would tell me that the ping should be completing fine, but the
>> >actual
>> >> > Ping command fails on every attempt.
>> >> >
>> >> > ping from 192.168.10.1 to 192.168.1.248
>> >> > both tcpdumps display
>> >> > 192.168.10.1 > 192.168.1.248: icmp: echo request (DF)
>> >> >
>> >> > neither display the echo reply and of course the Ping fails.
>> >> >
>> >> > Any ideas?
>> >> >
>> >> >
>> >> >
>> >> >
>> >> > --
>> >> > Message sent by the cipe-l,AT,inka,DOT,de mailing list.
>> >> > Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in 
>> >> > body
>> >> > Other commands available with "help" in body to the same address.
>> >> > CIPE info and list archive:
>> >> <URL:http://sites.inka.de/~bigred/devel/cipe.html>
>> >>
>> >>
>> >> --
>> >> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
>> >> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
>> >> Other commands available with "help" in body to the same address.
>> >> CIPE info and list archive:
>> ><URL:http://sites.inka.de/~bigred/devel/cipe.html>
>> >
>> >
>> >--
>> >Message sent by the cipe-l,AT,inka,DOT,de mailing list.
>> >Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
>> >Other commands available with "help" in body to the same address.
>> >CIPE info and list archive:
>> <URL:http://sites.inka.de/~bigred/devel/cipe.html>
>>
>
>
>--
>Message sent by the cipe-l,AT,inka,DOT,de mailing list.
>Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
>Other commands available with "help" in body to the same address.
>CIPE info and list archive:
<URL:http://sites.inka.de/~bigred/devel/cipe.html>


<< | Thread Index | >> ]    [ << | Date Index | >> ]