[ << | Thread Index | >> ]    [ << | Date Index | >> ]

To: Robin Harwani <robin.harwani,AT,gmail,DOT,com>
Subject: Re: cipe real ip
From: Andreas Billmeier <b,AT,edevau,DOT,net>
Date: Wed, 1 Jun 2005 09:49:51 +0200
Cc: cipe-l,AT,inka,DOT,de
In-reply-to: <9b81854b050531221974a5b45a@mail.gmail.com>
Organization: Ede Vau & Partner
References: <20050531125354.1f4c83c2@obelixx.edevau.net><200505311647.10576.florian@alphacore.net><20050531180433.23f8971a@obelixx.edevau.net><9b81854b05053111577ff999a6@mail.gmail.com><20050531225220.72a50351@obelixx.edevau.net><9b81854b050531221974a5b45a@mail.gmail.com>

On Wed, 1 Jun 2005 10:49:54 +0530 Robin Harwani 
<robin.harwani,AT,gmail,DOT,com> wrote:

> real ip is the ip which is not an internal ip in the network for 
> e.g. is a internal ip of the network 
> so can cipe be configured from such an ip.
> im new to vpn s as m into final year engineering and im doin a project on 
> "remote server configuration on linux vpn ".


if your question is if it´s possible to connect a tunnel with cipe when the 
external interfaces are behind routers,
your routers do something like NAT oder Adress-Translation, then here we go:

if you have no access to the router, simply use openvpn, it connects via TCP.

If you have access to the router, it is possible do do this with cipe,
you only have to forward cipe´s udp-port from the external interface to the 
host the cipe peer is running at.

An example:

Your (internal) cipe-peer is at, the remote network is
your cipe.conf looks like this:

device cipcb0
peer    cipe.remote.net:19981
maxerr -1

you now must forward all udp 19981 from your routers external interface to
your cipe hosts has to have a route to cipe.remote.net via the same router.
if your borderrouter is a linux box at, you could do this for 
exp. with:

iptables -t nat -A PREROUTING -i $EXT_IF -p udp --sport 19981 --dport 19981 
-j DNAT --to

# on the cipe box:
ip route add cipe.remote.net via
ip route add via dev cipcb0

I have one peer like that running behind a dialup dsl line,
there are problems if the (in this case dynamically assigned) external ip 
I have a timed script running to force this change once a day in the early 
this script kills and restarts the tunnel at the same time.

By the Way, please, send your questions to the list,
there are some other opinions for sure.


[ << | Thread Index | >> ]    [ << | Date Index | >> ]