<< | Thread Index | >> ]    [ << | Date Index | >> ]

To: <cipe-l,AT,inka,DOT,de>
Subject: Routing Problem with Cipe-Win32 running on WindowsXP
From: <gl,AT,amanduro,DOT,de>
Date: Thu, 5 Aug 2004 19:11:48 +0200
Importance: Normal
Reply-to: <gl,AT,amanduro,DOT,de>

Hello,

I want to make a CIPE VPN tunnel between a Linux Router at our company`s LAN
and a Remote Dial-Up user with a WindowsXP SP1 Notebook. CIPE Version on the
Linux Router is 1.5.4. And on the XP SP1 laptop is CIPE-Win32 v2.0-pre15.
I`ve searched through the cipe-l archive and found a description of the same
problem that I have, under Archive 2003-09 "CIPE RH linux + Windows 2000
routing problem" from T. Zkoumalek. Have found interesting information in
the several follow-ups to that issue. Unfortunately in my case the problem
that the WinXP machine cannot reach the lan behind the router on the other
side is not resolved with "arp -s 192.168.100.254 192.168.50.7". No more
"arp who has ..." requests from 192.168.50.7, but still can ping only the
two VPN endpoints of the tunnel. I searched with tcpdump/windump and found
out that IP packets from WinXP to the 192.168.100.0/ 24 LAN always appear on
the "DKW Heavy Industries VPN Adapter" (device Nr. 3), but never on the "WAN
(PPP/SLIP) Interface" (device Nr. 2), while packets to 192.168.100.1 do.
Interesting by the way: a ping from 192.168.50.7 to 192.168.50.255 gets a
reply from 192.168.100.1. I wonder why this is working but ping to Remote
LAN not? Please take a look at the attached tables.

I need someone`s help.

Thank you a lot,
Gerd Liebhardt

My Config is:

router (cipcb0) options:
========================

debug           1
device  cipcb0
ptpaddr 192.168.50.7
ipaddr  192.168.100.1
me              router.public.ip:9000
peer            127.0.0.1:9
maxerr  -1
key             **********************

ip-up:
======

route add -net 192.168.50.0 netmask 255.255.255.0 gw $5

router`s interfaces:

cipcb0    Link encap:IPIP Tunnel  HWaddr
          inet addr:192.168.100.1  P-t-P:192.168.50.7  Mask:255.255.255.255
          UP POINTOPOINT RUNNING NOARP  MTU:1442  Metric:1

eth0      Link encap:Ethernet  HWaddr 00:60:b0:38:22:00
          inet addr:router.public.ip  Bcast:bcast.public.ip
Mask:255.255.255.252

eth1      Link encap:Ethernet  HWaddr 00:68:04:6c:08:ae
          inet addr:192.168.100.254  Bcast:192.168.100.255
Mask:255.255.255.0

lo        Link encap:Local Loopback
          inet addr:127.0.0.1  Mask:255.0.0.0

XP Client CIPE VPN PEER SETTINGS:
=================================

Local IP Address        0.0.0.0:9000
Peer IP Address router.public.ip:9000
Local PTP Address       192.168.50.7
Peer PTP Address        192.168.100.1

windump -D
==========

1.\Device\NPF_GenericNdisWanAdapter (Generic NdisWan adapter)
2.\Device\NPF_{7FDA529A-8022-46B9-A8A7-F6583449E9B7} (WAN (PPP/SLIP)
Interface)
3.\Device\NPF_{96CC7830-1A59-4311-BE02-E570A02A7F59} (DKW Heavy Industries
VPN Adapter.)
4.\Device\NPF_{B767196E-A899-46FB-BA2D-22B6270B58B0} (Realtek 8139-series
PCI NIC...) (Not connected to Ethernet at all)

WinXP routing table after "route add 192.168.100.0 mask 255.255.255.0
192.168.50.7":
============================================================================
========
===========================================================================
Devicelist
0x1 ........................... MS TCP Loopback interface
0x2 ...08 00 58 00 00 01 ...... CIPE VPN Adapter
0x3 ...00 e0 00 9a ff 44 ...... Realtek RTL8139-Familie-PCI-Fast
Ethernet-NIC (Not connected to Ethernet at all)
0xa0005 ...00 53 45 00 00 00 ...... WAN (PPP/SLIP) Interface
===========================================================================
===========================================================================
Active Routes:
              Net          Netmask          Gateway          device  Metric
          0.0.0.0          0.0.0.0     my.public.ip    my.public.ip       1
        127.0.0.0        255.0.0.0        127.0.0.1       127.0.0.1       1
     192.168.50.0    255.255.255.0     192.168.50.7    192.168.50.7       30
     192.168.50.7  255.255.255.255        127.0.0.1       127.0.0.1       30
   192.168.50.255  255.255.255.255     192.168.50.7    192.168.50.7       30
    192.168.100.0    255.255.255.0     192.168.50.7    192.168.50.7       1
     my.public.ip  255.255.255.255        127.0.0.1       127.0.0.1       50
  bcast.public.ip  255.255.255.255     my.public.ip    my.public.ip       50
     my.public.ip  255.255.255.255     my.public.ip    my.public.ip       1
        224.0.0.0        240.0.0.0     192.168.50.7    192.168.50.7       30
        224.0.0.0        240.0.0.0     my.public.ip    my.public.ip       1
  255.255.255.255  255.255.255.255     192.168.50.7               3       1
  255.255.255.255  255.255.255.255     192.168.50.7    192.168.50.7       1
Default gateway:     my.public.ip
===========================================================================
permanent Routes:
  none

These ping commands on XP
=========================

"ping 192.168.100.1
ping 192.168.100.254
ping 192.168.50.255"

genererate this windump output on CIPE VPN Adapter:
===================================================

01 IP 192.168.50.7 > 192.168.100.1: icmp 40: echo request seq 44033
02 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 44033
03 IP 192.168.50.7 > 192.168.100.1: icmp 40: echo request seq 44289
04 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 44289
05 IP 192.168.50.7 > 192.168.100.1: icmp 40: echo request seq 44545
06 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 44545
07 IP 192.168.50.7 > 192.168.100.1: icmp 40: echo request seq 44801
08 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 44801
09 IP 192.168.50.7 > 192.168.100.254: icmp 40: echo request seq 45057
10 IP 192.168.50.7 > 192.168.100.254: icmp 40: echo request seq 45313
11 IP 192.168.50.7 > 192.168.100.254: icmp 40: echo request seq 45569
12 IP 192.168.50.7 > 192.168.100.254: icmp 40: echo request seq 45825
13 IP 192.168.50.7 > 192.168.50.255: icmp 40: echo request seq 46081
14 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 46081
15 IP 192.168.50.7 > 192.168.50.255: icmp 40: echo request seq 46337
16 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 46337
17 IP 192.168.50.7 > 192.168.50.255: icmp 40: echo request seq 46593
18 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 46593
19 IP 192.168.50.7 > 192.168.50.255: icmp 40: echo request seq 46849
20 IP 192.168.100.1 > 192.168.50.7: icmp 40: echo reply seq 46849

and that windump output on the PPP Interface:
=============================================

01 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
02 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80
03 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
04 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80
05 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
06 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80
07 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
08 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80
09 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
10 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80
11 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
12 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80
13 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
14 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80
15 IP my.public.ip.9000 > router.public.ip.9000: UDP, length: 80
16 IP router.public.ip.9000 > my.public.ip.9000: UDP, length: 80

==> 4 lines less here: echo request to 192.168.100.254 does not appear on
this interface.


<< | Thread Index | >> ]    [ << | Date Index | >> ]