<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: JR,AT,JRago,DOT,com
Subject: Re: Is CIPE the right solution for my needs?
From: Ted Kaczmarek <tedkaz,AT,optonline,DOT,net>
Date: Mon, 22 Mar 2004 08:01:28 -0500
Cc: cipe-l,AT,inka,DOT,de
In-reply-to: <EGEOKKPIPDNJGAFLKMEPMEOACAAA.JR@JRago.com>
Organization: Linsolutions
References: <EGEOKKPIPDNJGAFLKMEPMEOACAAA.JR@JRago.com>
Reply-to: tedkaz,AT,optonline,DOT,net

Inline
On Sun, 2004-03-21 at 15:44 -0500, Jeff Rago wrote:

>       I have a RedHat 9 server running SAMBA 3 sharing out directories to 
> several
> WinXP Pro clients on the LAN.
> 
>       The server is using iptables to do NAT (masquerading) to allow the LAN
> internet access through a T1 with a static IP address.  (A dial modem is
> also available on the server)
> 
>       I have a need to have three remote WinXP Pro users access the SAMBA 
> shares
> on the server.
> 
>       The will be accessing the internet from various locations with or 
> without
> NAT routers. Sometimes via dialup from hotel rooms and sometimes via
> broadband (cable or ADSL) from home.
> 
>       I have determined that an IPSEC VPN is not appropriate due to the NAT
> issues.  (Is this correct?)
Not necessarily true, depends on the setup.
> 
>       What I have read about CIPE seems to indicate that it will work in 
> this
> configuration but the scarce documentation is not totally clear.
Yes, I access smb shares through cipe tunnels myself.
> 
>       If CIPE is appropriate for my needs - any suggestions on how to go 
> about
> implementing it?
It is much easier on the Redhat side, and probably a tad easier on win32
as well.
> 
>       I am very well versed in Windows NT (4.0, 5.0 and 5.1), RedHat Linux 
> and
> networking but a little light on VPNs.

Word of warning, I have seen issues on Redhat 9 where if the module for
the nic card doesn't load, when trying to bring up cipe tunnels the boot
process will hang, this may or may not be relevant but was a kick in my
@ss :-)

Otherwise I have a customer using win2k that connects to us via Cipe,
his connection is just as reliable if not more so than most of the IPSEC
tunnels I have setup using a pix and our side. 

> 
>       Thanks in advance.
> 
> 
> Jeff Rago
> JR Consulting
> mailto:JR,AT,JRago,DOT,com
> 

Ted


<< | Thread Index | >> ]    [ << | Date Index | >> ]