Re: cipe on Win2K

["Margaret Cowley" <cowleyma,AT,internode,DOT,on,DOT,net>]

Thanks Mike Gende for the tip.

 

I found that I was using the same port number 6969, twice. Now that I've removed the second VPN from my Win2K CIPE settings, I don't get that error message: "Could not (de novo) start CIPE service due to overlapped I/O operation is in progress"

 

Now, I think my Win2k CIPE client is working fine.

 

But, I still can't ping the other end of my VPN which is on a redhat linux 9 server.

I see the UDP packets coming into the linux box, using

tcpdump -i ppp0 port 6969

 

But, I don't see any packets being sent back to the Win2K box.

 

I've turned off my iptables filters on the linux box, to make sure I don't block anything, but I still don't see any packets being returned, in the tcpdump display.

 

 

Details:

 

Running on linux box: CIPE daemon vers 1.4.5 (c) Olaf Titz 1996-2000
In server mode.

 

/etc/cipe, options.cipcb0 has:

ptpaddr 192.168.254.201
ipaddr 192.168.254.200
me shorthorn.dyndns.org:6969
peer 0.0.0.0:6969

The static key is identical on both linux and Win2K systems.

 

In my iptables logs, I see:

 

Dec 28 16:50:56 shorthorn kernel: cipcb0: cipe_sendmsg
Dec 28 16:50:56 shorthorn kernel: cipcb0: setkey
Dec 28 16:50:56 shorthorn kernel: cipcb0: cipe_recvmsg
Dec 28 16:50:56 shorthorn kernel: cipcb0: setkey
Dec 28 16:50:56 shorthorn kernel: cipcb0: cipe_sendmsg
Dec 28 16:50:56 shorthorn kernel: cipcb0: cipe_recvmsg
Dec 28 16:50:56 shorthorn kernel: cipcb0: cipe_recvmsg

In my cipe.log file, I see:

Dec 28 15:26:28 UP   cipcb0 127.0.0.1:6969 21158 192.168.254.200 192.168.254.201 192.168.10.0

 

Note the port numbers appear to be 6969 and 21158. I expected to see both spt and dpt = 6969.

 

I see the VPN tunnel is up, using ifconfig:

 

[root@shorthorn log]# ifconfig
cipcb0    Link encap:IPIP Tunnel  HWaddr  
          inet addr:192.168.254.200  P-t-P:192.168.254.201  Mask:255.255.255.255
          UP POINTOPOINT NOTRAILERS RUNNING NOARP  MTU:1442  Metric:1
          RX packets:1870 errors:0 dropped:0 overruns:0 frame:0
          TX packets:1870 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:100
          RX bytes:209440 (204.5 Kb)  TX bytes:246840 (241.0 Kb)

Note the RX and TX packets are equal, but I think this is just the tunnel negotiation packets being exchanged, not ping packets.

 

Any suggestions on the linux end?

 

Thanks

Margaret

 

----- Original Message -----

From: Mike Gende

To: Margaret Cowley

Cc: cipe-l,AT,inka,DOT,de

Sent: Wednesday, December 24, 2003 2:26 PM

Subject: Re: cipe on Win2K

Hello Margaret,

I'm nore sure if this is your problem, but I'll include this observation on the off chance it may help you:

I just configured (with help from this list) several Win2k laptops for a customer with Cipe and had a similar issue. Try a 'netstat -an' command. This should show a list of all the appropriated ports being used by TCP/IP and UDP. Do your Cipe ports show up there? If so, you won't be able to start Cipe as Win2k sees the ports as being in use. This typically happens due to some error in shuting down cipsrvr (or at least it did to me initially). I was able to get round it by either 'cipsrvr stop' and then trying again or simply restarting the computer to free everything up. I don't have a Win2k machine handy to recall if the error message that I got was the same as your or not so, again, I'm not sure this will help.

My best shot, hope it shakes something loose,

Mike

G'day Folks, Whenever I try to start CIPE on my Win2K laptop, a window pops up with this error message: "Could not (de novo) start CIPE service due to overlapped I/O operation is in progress" Any ideas why? Details: I've installed cipe-2.0.pre-15.wa-1.0-24.exe on my Win2K laptop. A LAN connection appears in my  "Network and Dialup Connections" window, called "CIPE VPN Adaptor. I open the Properties of this Adaptor, and hardcode the IP address:192.168.254.201/24, Default gateway = 192.168.254.200I uncheck all the components of the adaptor, except Client for Microsoft Networks and Internet Protocol (TCP/IP). I connect my laptop to my ISP using a dialup connection. There are 2 IP addresses returned by typing ipconfig in a Command box - the CIPE adaptor address (192.168.254.200) and the IP address from the ISP. Then I press "restart" in the CIPE VPN Peer, found in the Control Panel.The settings are:Local IP Address: 0.0.0.0, Local Port: 6969Peer IP Address: 150.101.106.45, Peer Port 6969 (It's the real IP address of a linux box, which has 2 network cards)Local PTP Address: 192.168.254.201Peer PTP Address: 192.168.254.201,Action: Enable is selectedStatic Key is added, matching the one on the linux boxCipher is BLOWFISH, no encruption, timeout = 600Routing targets: 192.168.10.0/255.255.255.0 ( the internal LAN of the linux box) The CIPE VPN Peer says "Saving Adaptor Settings, then "Starting CIPE service", the hour-glass appears and about a minute later, the error message quoted above appears. I used a CIPE-Installation.pdf guide for the Windows client, but could only find the guides in Danish or French. Can I have a URL to an English guide please? Thanks for any help.----------------------------------
Margaret Cowley
Mobile: 0419 831 722