<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: cipe-l,AT,inka,DOT,de
Subject: VPN sharing solution
From: "Stramigioli, S" <S.Stramigioli,AT,el,DOT,utwente,DOT,nl>
Date: Fri, 26 Dec 2003 13:06:25 +0100
Cc: Helpdesk,AT,snt,DOT,utwente,DOT,nl

I managed to get my problem solved even if there are still a lot of subtle
things still to do, but I would like to share what I did if somebody needs
sommething similar.

PROBLEM
- 2 or more machines: A,B
- A has a personal VPN connection with my university 
- I would like to connect B and other machines in such a way that they
'seem' also university machines like A.

SOLUTION
- Install CIPE on A and give it the address 192.168.0.1 (!!)
- Make the VPN connection on A with University and share it for the CIPE
adapter
 REMARKS
  This will activate a NAT protocol for all packages going through the VPN
and coming from the CIPE peers. One this is done, windows automatically give
ALWAYS the address 192.168.0.1 to the CIPE adapter and I bilieve tries to
run a a DHCP service on that adapter. Clearly this is not necessary, but it
does not create problems. I would very much like to understand how to
configure NAT at a low level in order to tweak the IP datagrams IP number
conversion, but I have not done it yet.
- On B install CIPE and give it a number in the range 192.168.0.*
- On B reroute all packages for the university through the CIPE adapter with
the command
  route <CAMPUS RANGE AND PROPER MASK> 192.168.0.2, supposing I gave the
number 192.168.0.2 to the CIPE adapter on B, and the game is done !

PROBLEMS STILL TO BE SOLVED
If anybody has answers to the following I would really appreciate your help.

1) The machine A should at start up, directly make the VPN connection with
the university. I could make a link in the start up of each user, but this
would work only if somebody is logged in. Is it possible to start a standard
Windows VPN connection at bootstrap under Win XP as it is done with a
service ? If yes how ?

2) It seems that the DKV service does not start automatically at bootstrap
even if it should. I have to start it by hand before everything works

3) If I am with the machine B abroad on another network with an IP number I
do not know at priory, how can I dinamically configure the CIPE peer on A
such that it make this possible dinamically ? In other words, is it possible
to create dinamic peers through an identification ?

Thanks a lot !

- Stefano
 
%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 
Prof. Stefano Stramigioli, (M.Sc., Ph.D.)
Associate Professor
 
Control Engineering Laboratory
Department of Electrical Engineering
Faculty of EEMCS
Drebbel Institute on Mechatronics

Normal Postal Address: 
P.O. Box 217
NL-7500 AE Enschede
The Netherlands
 
Courrier Address:
de Veltmaat 10
7522NM Enschede
The Netherlands

Tel. +31 (53) 4892794/4892606 
Fax. +31 (53) 4894830/4892223 
 
Email S.Stramigioli,AT,ieee,DOT,org
WWW: http://www.ce.utwente.nl/smi

%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%


<< | Thread Index | >> ]    [ << | Date Index | >> ]