<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: "'bhein,AT,bmc-pos,DOT,com'" <bhein,AT,bmc-pos,DOT,com>,Damion Wilson <dwilson,AT,ibl,DOT,bm>
Subject: RE: site to site VPN
From: Michael Da Cova <mdacova,AT,equiinet,DOT,com>
Date: Wed, 17 Sep 2003 15:05:33 +0100
Cc: cipe-l,AT,inka,DOT,de

Brad

A while back when I was testing CIPE I had a few issues and one of the guys
on the list pointed me to
http://sites.inka.de/bigred/archive/cipe-l/2003-04/msg00000.html after
downloading the patch and updating my system I find it work better a lot
better

Hope this helps

Michael

-----Original Message-----
From: bhein,AT,bmc-pos,DOT,com [mailto:bhein,AT,bmc-pos,DOT,com 
Sent: 17 September 2003 14:37
To: Damion Wilson
Cc: cipe-l,AT,inka,DOT,de
Subject: Re: site to site VPN

Damion, I'm sorry If I seemed a little critical in that post.

What I meant about "cleanest version" Is that even though point-release 15
is the latest release, I wanted to know if this is what people (who are NOT
having problems) are running.

Thanks

--Brad

|---------+---------------------------->
|         |           Damion Wilson    |
|         |           <dwilson,AT,ibl,DOT,bm> |
|         |                            |
|         |           09/17/2003 10:27 |
|         |           AM               |
|         |                            |
|---------+---------------------------->
 
>---------------------------------------------------------------------------
---------------------------------------------------|
  |
|
  |       To:       bhein,AT,bmc-pos,DOT,com
|
  |       cc:       cipe-l,AT,inka,DOT,de
|
  |       Subject:  Re: site to site VPN
|
 
>---------------------------------------------------------------------------
---------------------------------------------------|

What do you mean by the "cleanest version" ?

No, of course it's not abandoned. There's a big redesign of the service
coming
and a patch release of the driver pending. Circumstances (including a
hurricane induced power outage) have prevented me doing a proper compile
and
test at home. I don't have the CIPE-Win32 build environment setup at work
so
it slows things down considerably.

DKW

On Monday 15 September 2003 03:23 pm, bhein,AT,bmc-pos,DOT,com wrote:
> Mr. Salles,
>
> CIPE is an awesome solution to establishing a VPN connection through just
> about any NAT/MASQ situation. The Linux cipe daemon runs like a champ.
> However the Win32 port is what is in question. My laptop represents the
> laptops of all of our roadwarriors, there are several dozen of them. The
> specs follow
>
> Dell Latitude PIII, 1.133Mhz, 256MB Ram, 3com Mini-PCI Ethernet.
>
>
> The servers I've tested ciped on are as follow:
> Thunderbird Athlon 1.0Ghz w/ 512MB Memory, linux-2.4.21, Slackware
> Athlon XP 1.733Ghz w/ 512MB Memory, Linux-2.4.21? Redhat 9.
> ciped is 1.5.4.
>
>
> The problem lies within the Win32 cipe implementation. I'm running
version
> 2.0-pre-15. Is this the cleanest version available? It appears to be
> abandoned, as of the end of 2002 (is this true?)
>
>
> While composing this email I've installed the CIPE Win32 on a test server
> here at my desk, which was loaded with Win2kServer just last week. I'll
> post the results of my testing as they become available.
>
>
>
> Thanks for the comments/input!
>
>
>
>
>
>
> Dear Mr. bhein:
>
> bhein,AT,bmc-pos,DOT,com disse:
> > Have you worked much with CIPE on win32?
> > I installed it yesterday on my laptop and have since had two
bluescreens
> > (each is a dump&reboot), two instances of the CIPE service pulling 100%
> > CPU, and upon each boot up the CIPE service fails to load and requires
a
> > manual restart from services in the control panel.
> >
> > At this point, unfortunately I cannot recommend CIPE as a VPN solution
to
> > my company, since all of our roadwarriors run win32.
>
> This is crazy, you cannot recomend cipe for a VPN solution because
> yesterday you made a cipe vpn link setup in your laptop and it didn't run
> as expected?
> Why didn't you addressed your need for help to this maillist? This is
> better than "not recomending".
>
> > Just wondering if you or anyone else has comments on the matter.
>
> Yes, i do. What i've already done with:
> CIPE running with: RedHat Linux 8.0/ 9.0 X M$Win2k SP4 M$Win2k Server
SP4.
> How many times? 12 VPN peers, until now.
> Hardware running: Toshiba Satellite from 150/800 Mgh, from MMX to Celeron
> Processors, Athlon XP 1.1 till 2.4 Ghz, Pentium II, II and IV. Not yet:
> WinXP ( many users wrote this is possible, but i had'nt the chance to
test
> myself) M$WinNT (Probably never will, this release is outdated by latest
> M$XP).
> A friend of myne has some installs under SMB hardware.
>
> The first was the more difficult: routing and firewall had to be
> re-dedsigned to fit the new capabilities.
>
>
> HTH,
>
> RSalles
>
> PS: If you think it is easy to manage all the variables involved in a
> project like LAN-TO-LAN CIPE VPN integration and would like to follow the
> steps i've made, search for the "No Way" topic at this maillist sended
few
> months ago by me...
>
> Best Regards,
>
> RSalles
>
> > --Brad
> >
> >
> >
> >
> >
> >
> >                       "Russell Berry"
> >                       <russ,AT,berrex,DOT,com>        To:
> > <keith,AT,theargoncompany,DOT,com>, <cipe-l,AT,inka,DOT,de>
> >                       Sent by:                 cc:
> >                       owner-cipe-l@inka        Subject:  Re: site to
site
> > vpn
> >                       .de
> >
> >
> >                       09/15/2003 10:45
> >                       AM
> >
> >
> >
> >
> >
> >
> > Hello Keith,
> >
> > CIPE is perfectly suited to your needs.  I have the setup in place for
> > many
> > clients worldwide.  I personally chose cipe long ago before it was in
any
> > distribution because of its security and manageability.  Many of my
> > clients
> > have 'remote' or branch offices/sites in various geographic locations.
> > Some
> > spanning multiple continents.  So the costs involved for them to lease
a
> > dedicated line to another site can quickly become prohibitive.  CIPE
> > allows
> > for a secure tunnel through any medium, thus giving them even more
> > security
> > than a dedicated line for the cost of a standard high speed internet
> > connection. Since CIPE tunnels all traffic encapsulated inside UDP
> > packets,
> > your traffic is 'invisible' to the casual snooper/sniffer.  Some people
> > don't like the private key mechanism, I happen to prefer it, so CIPE
has
> > always been the perfect solution for me.  As for support, the fine
people
> > on
> > this list will help you from the most trivial to the most obfuscated
> > implementations you can think of.
> >
> > I have 'evaluated' other tunnel forms, including IPSEC devices,
freeswan,
> > etc.  Nothing stacks up to CIPE for my needs.  My clients include
private
> > coroporations, government offices, financial institutions, academia,
> > medical
> > community, etc.  Some of the connections are very critical and even
have
> > failover configurations with secondary connections available, and they
>
> ALL
>
> > have strong security needs.  They trust my company with all their data
>
> and
>
> > data security, and I trust CIPE.
> >
> > I sound like a CIPE commercial!  That's okay, I believe in it, I'd do a
> > commercial for free!
> >
> > Regards,
> > ---russ
> >
> >
> > Russell Berry
> > Berrex Computer Solutions
> > http://www.berrex.com
> > Russ,AT,berrex,DOT,com
> > 1-877-558-9507
> > ----- Original Message -----
> > From: "Keith Fernandez" <keith,AT,theargoncompany,DOT,com>
> > To: <cipe-l,AT,inka,DOT,de>
> > Sent: Monday, September 15, 2003 10:21 AM
> > Subject: site to site vpn
> >
> >> Hi,
> >>
> >> I have two offices, where I need to allow the machines in one office
to
> >
> > access
> >
> >> the machines in the other office.
> >> Is that possible with just using CIPE.
> >> Is there something besides setting up CIPE that I need to do...
> >>
> >> My requirement
> >> I want the machines from both subnets to see machines from other
subnets
> >
> > as
> >
> >> though they are on the same network, to acess services like samba,
> >> mail(pop/smtp), etc..
> >>
> >> What I have
> >> The two network's have differnet private addressing's for the subnets
> >> 192.168.0.0/24 192.168.100.0/24
> >> We have fast static public IP addresses to the internet...
> >>
> >> This is possible with SuperFreeSWAN... If I can do this with CIPE, I
> >
> > would
> >
> >> like to switch over to cipe, since redhat has support for CIPE, and I
> >
> > wont
> >
> >> have to patch and compile kernels....
> >>
> >> Thanks in advance.....
> >>
> >> Regards,
> >> Keith
> >> --
> >> "I asked for strength and God gave me difficulties to make me strong.
> >> I asked for Wisdom... and God gave me problems to solve.
> >> I received nothing I wanted... But I received everything I needed."
> >>
> >> --
> >> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> >> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> >> Other commands available with "help" in body to the same address.
> >> CIPE info and list archive:
> >
> > <URL:http://sites.inka.de/~bigred/devel/cipe.html>
> >
> >
> > --
> > Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> > Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> > Other commands available with "help" in body to the same address.
> > CIPE info and list archive: <URL:
> > http://sites.inka.de/~bigred/devel/cipe.html>
> >
> >
> >
> >
> >
> >
> > --
> > Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> > Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> > Other commands available with "help" in body to the same address.
> > CIPE info and list archive:
> > <URL:http://sites.inka.de/~bigred/devel/cipe.html>
>
> --
> Renato Salles
> Ger.Geral
> RSNetServices
>
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:
> <URL:http://sites.inka.de/~bigred/devel/cipe.html>
>
>
>
>
>
>
>
>
>
>
>
> --
> Message sent by the cipe-l,AT,inka,DOT,de mailing list.
> Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
> Other commands available with "help" in body to the same address.
> CIPE info and list archive:
> <URL:http://sites.inka.de/~bigred/devel/cipe.html>

--
Message sent by the cipe-l,AT,inka,DOT,de mailing list.
Unsubscribe: mail majordomo,AT,inka,DOT,de, "unsubscribe cipe-l" in body
Other commands available with "help" in body to the same address.
CIPE info and list archive:
<URL:http://sites.inka.de/~bigred/devel/cipe.html>


<< | Thread Index | >> ]    [ << | Date Index | >> ]