CIPE & IPPORTFW ?

CIPE & IPPORTFW ?

Post by trev.. » Wed, 14 Oct 1998 04:00:00



We are using ipportfw (IP Port Forwarding -
www.ox.compsoc.org.uk/~steve/portforwarding.html)  in conjunction with
IP masquerading to forward inbound traffic from an internet address
(interbck.nri-online.com) to an internal network address.  Our internal
network uses 10.163.219.0 addresses.

IPPORTFW forwards tcp port 5000 traffic to an internal server -
     ipportfw -A -t 204.209.141.88/5000 -R 10.163.219.17/5000

I would like to use CIPE on the same firewall box (which would then be
running ipmasq, ipportfw & cipe) but I suspect the ipportfw process is
incompatible with CIPE.  

Initially I thought a statement like :
     ipportfw -A -u 204.209.141.88/5000 -R 10.163.219.1/5000
plus an options entry like is:
     me    10.163.21.1:5000
would be appropriate.

More likely I'll require two firewall boxes (????), one for ipmasq &
ipportfw and other on the inside for cipe. like this :

          |
     204.209.141.88
    ipmasq/ipportfw
     10.163.219.21
          |
          |
     10.163.219.3
        CIPE
     10.163.219.1
          |
  rest of the network

Comments would be appreciated.

Trevor

 
 
 

1. cannot connect from linux cipe server to windows cipe client

Hi,

I am trying to connect Redhat Linux 9 cipe server to Windows 2003(
tried windows NT too) cipe client.

I can ping from Windows 2003(and also Windows NT) server (both of
which contain CIPE client installed) to CIPE server on Redhat Linux 9
server. But i cannot ping the Windows CIPE client from the Linux
machine..

This a short description of what i have done: -

On the Linux machine(67.xx.xx.159)=>

1)I edited the file /etc/sysconfig/iptables to allow incoming UDP
packets

 -A INPUT -p udp -m udp -s 67.xx.xx.159 -d 67.xx.xxx.161 --sport 6790
--dport 6789 -j ACCEPT

where 67.xx.xxx.159 : Linux m/c
      67.xx.xxx.161 : Windows m/c containing CIPE client

2) Edited a file : /etc/sysconfig/network-scripts/ifcfg-cipcb0

    DEVICE=cipcb0
    ONBOOT=yes
    USERCTL=yes
    MYPORT=6789
    PEER=67.xx.xxx.161:6790
    PTPADDR=192.168.0.2
    IPADDR=192.168.0.1

3) I created a key in /etc/cipe/options.cipcb0 on both machines. It
reads:

key                 XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

and did the following

# chmod 600 /etc/cipe/options.cipcb0

4) Started CIPE using

# /etc/sysconfig/network-scripts/ifup-cipcb ifcfg-cipcb0

I checked using ifconfig , cipcb0 is up and running..

Now on the windows 2003 machine(67.xx.xxx.161),

1)Created a network device using CIPE Windows NDIS driver and service,
version 2.0-pre15. (391k, zip).

the settings are as follows:

Local IP address : 192.168.0.2    Port:6790
Peer IP Address  : 67.xx.xxx.159  Port:6789
Local PTP Address: 192.168.0.2
Peer PTP Address : 192.168.0.1

Key : XXXXXXXXXXXXXXXXXXXXXXXXX(same as on the linux machine)

Cipher: Blowfish

Time out : 600

I can ping Linux machine from windows
ping 192.168.0.1

But i cannot ping cipe client on windows from linux
ping 192.168.0.2

it shows 100% packet loss..

i couldn't find any solution to what i am doing wrong...
Any help will be greatly appreciated..

Thanks,
Ann

2. Is there a compose key with Linux ???

3. IPPORTFW & IPAUTOFW

4. Unix Training

5. ipportfw patch for 2.0.36 & SuSE 6.0

6. How do I make my hostname known to the DNS ?

7. &&&&----Looking for a unix shell------&&&&&

8. add another transparent bridge.

9. ppp && PPPoE && ADSL && net && buffer(s)

10. 没有人用中文吗?

11. &&&&&& SUGGESTION ??? &&&&&&&&

12. Hercules &&&&&& SVGA ?

13. PERL && mod_perl && FreeBSD && Apache