This is a discussion on "cannot connect from linux cipe server to windows cipe client" within the Linux Security forums, part of the System Security and Security Related category.

Hi,
I am trying to connect Redhat Linux 9 cipe server to Windows 2003 (tried windows NT too) cipe client.

I can ping from Windows 2003 (and also Windows NT) server (both of which contain CIPE client installed) to CIPE server on Redhat Linux 9 server. But I cannot ping the Windows CIPE client from the Linux machine..

This is a short description of what I have done:

On the Linux machine (67.xx.xx.159) =>

1) I edited the file /etc/sysconfig/iptables to allow incoming UDP packets

    -A INPUT -p udp -m udp -s 67.xx.xx.159 -d 67.xx.xxx.161 --sport 6790 --dport 6789 -j ACCEPT

where 67.xx.xxx.159 : Linux m/c
      67.xx.xxx.161 : Windows m/c containing CIPE client

2) Edited a file: /etc/sysconfig/network-scripts/ifcfg-cipcb0

    DEVICE=cipcb0
    ONBOOT=yes
    USERCTL=yes
    MYPORT=6789
    PEER=67.xx.xxx.161:6790
    PTPADDR=192.168.0.2
    IPADDR=192.168.0.1

3) I created a key in /etc/cipe/options.cipcb0 on both machines. It reads:

    key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

and did the following

    # chmod 600 /etc/cipe/options.cipcb0

4) Started CIPE using

    # /etc/sysconfig/network-scripts/ifup-cipcb ifcfg-cipcb0

I checked using ifconfig, cipcb0 is up and running..

Now on the windows 2003 machine (67.xx.xxx.161),

1) Created a network device using CIPE Windows NDIS driver and service, version 2.0-pre15. (391k, zip).

The settings are as follows:

    Local IP address : 192.168.0.2 Port:6790
    Peer IP Address : 67.xx.xxx.159 Port:6789
    Local PTP Address: 192.168.0.2
    Peer PTP Address : 192.168.0.1
    Key : XXXXXXXXXXXXXXXXXXXXXXXXX (same as on the linux machine)
    Cipher: Blowfish
    Time out : 600

I can ping Linux machine from windows

    ping 192.168.0.1

But I cannot ping cipe client on windows from linux

    ping 192.168.0.2

it shows 100% packet loss..

I couldn't find any solution to what I am doing wrong... Any help will be greatly appreciated..

Thanks,
Ann

Ann wrote:
> Hi,
>
> I am trying to connect Redhat Linux 9 cipe server to Windows 2003(
> tried windows NT too) cipe client.
>
> I can ping from Windows 2003(and also Windows NT) server (both of
> which contain CIPE client installed) to CIPE server on Redhat Linux 9
> server. But I cannot ping the Windows CIPE client from the Linux
> machine..
>
> This is a short description of what I have done: -
>
> On the Linux machine(67.xx.xx.159)=>
>
> 1)I edited the file /etc/sysconfig/iptables to allow incoming UDP
> packets
>
> -A INPUT -p udp -m udp -s 67.xx.xx.159 -d 67.xx.xxx.161 --sport 6790
> --dport 6789 -j ACCEPT
>
> where 67.xx.xxx.159 : Linux m/c
> 67.xx.xxx.161 : Windows m/c containing CIPE client
>
> 2) Edited a file : /etc/sysconfig/network-scripts/ifcfg-cipcb0
>
> DEVICE=cipcb0
> ONBOOT=yes
> USERCTL=yes
> MYPORT=6789
> PEER=67.xx.xxx.161:6790
> PTPADDR=192.168.0.2
> IPADDR=192.168.0.1
>
> 3) I created a key in /etc/cipe/options.cipcb0 on both machines. It
> reads:
>
> key XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
>
> and did the following
>
> # chmod 600 /etc/cipe/options.cipcb0
>
> 4) Started CIPE using
>
> # /etc/sysconfig/network-scripts/ifup-cipcb ifcfg-cipcb0
>
> I checked using ifconfig , cipcb0 is up and running..
>
>
>
> Now on the windows 2003 machine(67.xx.xxx.161),
>
> 1)Created a network device using CIPE Windows NDIS driver and service,
> version 2.0-pre15. (391k, zip).
>
> the settings are as follows:
>
> Local IP address : 192.168.0.2 Port:6790
> Peer IP Address : 67.xx.xxx.159 Port:6789
> Local PTP Address: 192.168.0.2
> Peer PTP Address : 192.168.0.1

Does your Cipe tunnel have the same IP as your nic? This cannot work. Pick a different subnet + ip for the tunnel endpoints.

Regards,
Alex

>
> Key : XXXXXXXXXXXXXXXXXXXXXXXXX(same as on the linux machine)
>
> Cipher: Blowfish
>
> Time out : 600
>
> I can ping Linux machine from windows
> ping 192.168.0.1
>
> But I cannot ping cipe client on windows from linux
> ping 192.168.0.2
>
> it shows 100% packet loss..
>
>
> I couldn't find any solution to what I am doing wrong...
> Any help will be greatly appreciated..
>
> Thanks,
> Ann

Hi Alex,
I was wrong about connecting from cipe client to the cipe server.. I assigned both cipe server (192.168.1.23) and cipe client (192.168.1.22) ip address in local network. All the machines in our local network have 192.168.1.x.. So actually it was not using the CIPE tunnel, but was connecting straight to CIPE network adapter on the Linux machine in our network..

I tried giving

    10.0.0.2 (Linux CIPE server) Mask: 255.255.255.0
    10.0.0.3 (Windows CIPE client) Mask 255.255.255.0

Can I leave the default gateway empty on windows Cipe client network adapter? I know my questions must be absolutely idiotic.. Please bear with me.. I am a complete novice at this..

I tried the above..

But was still not able to ping each other..

Please can anyone help me :( ??

-Ann :( :(

Ann wrote:
> Hi Alex,
>
> I was wrong about connecting from cipe client to the cipe server.. I
> assigned both cipe server(192.168.1.23) and cipe client(192.168.1.22)
> ip address in local network. All the machines in our local network have
> 192.168.1.x..
> So actually it was not using the CIPE tunnel, but was connecting
> straight to
> CIPE network adapter on the Linux machine in our network..
>
> I tried giving 10.0.0.2(Linux CIPE server) Mask: 255.255.255.0
> 10.0.0.3(Windows CIPE client) Mask 255.255.255.0
>
> Can I leave the default gateway empty on windows Cipe client network
> adapter? I know my questions must be absolutely idiotic..Please bear
> with me..I am a complete novice at this..
>
> I tried the above..
>
> But was still not able to ping each other..
>
> Please can anyone help me :( ??
>
> -Ann :( :(

Hi Ann,

I probably won't be able to help you any further with this one. I posted you my cipe config file in the "ftp over cipe" mailing (besides the key of course ;-) ).

If I was you, turn off all the firewall stuff first. Then make sure that the IPs and ports are assigned correctly. If you still experience any problems, take a good look in the logs. I think there is a possibility to increase the logging level.

Is there a physical connection at all (means, can you ping the 'real' address of the machine when the firewall is turned off)?

Setting the default gateway has nothing to do with this. You can use the default gateway on the Windows machine, when the windows machine is connected to the linux box, and the linux box to the internet for example. It will work with no default route, though.

The terms 'client' and 'server' don't make sense, talking about tunnels, because you have one daemon on each side of the tunnel.

Good luck,
Alex
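
The checks suggested in this thread (IPs and ports assigned correctly on both ends, tunnel endpoints on a subnet of their own), written out as an added example that is not part of any post in the thread. The function names, the keys of the `remote` dictionary and the 203.0.113.x addresses standing in for the masked public addresses are assumptions made for illustration.

```python
import ipaddress

def parse_ifcfg(text):
    """Parse KEY=VALUE lines of an ifcfg-cipcbN file into a dict."""
    pairs = (ln.strip().split("=", 1) for ln in text.splitlines()
             if "=" in ln and not ln.lstrip().startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def check_tunnel(cfg, local_real_ip, remote, lan_subnets):
    """Return a list of problems; an empty list means the two ends agree."""
    problems = []
    peer_ip, peer_port = cfg["PEER"].rsplit(":", 1)
    # Each end's PEER must be the other end's real (carrier) address and UDP port.
    if (peer_ip, int(peer_port)) != (remote["real_ip"], remote["port"]):
        problems.append("PEER does not match the remote real address/port")
    if (remote["peer_ip"], remote["peer_port"]) != (local_real_ip, int(cfg["MYPORT"])):
        problems.append("remote peer setting does not match local address/MYPORT")
    # Tunnel (PTP) addresses must be mirrored: my IPADDR is the peer's PTP address.
    if (cfg["IPADDR"], cfg["PTPADDR"]) != (remote["peer_ptp"], remote["local_ptp"]):
        problems.append("tunnel addresses are not mirrored between the two ends")
    # Tunnel endpoints need their own subnet, separate from every NIC subnet.
    for key in ("IPADDR", "PTPADDR"):
        addr = ipaddress.ip_address(cfg[key])
        for net in lan_subnets:
            if addr in ipaddress.ip_network(net):
                problems.append(f"{key} {addr} is inside NIC subnet {net}")
    return problems

# Constructed sample data: NIC subnets of the two machines (hypothetical values).
LAN = ["192.168.1.0/24", "203.0.113.0/24"]

def sample(local_tun, remote_tun):
    """Build a constructed Linux ifcfg plus the mirrored remote settings and check them."""
    cfg = parse_ifcfg(f"""DEVICE=cipcb0
MYPORT=6789
PEER=203.0.113.161:6790
PTPADDR={remote_tun}
IPADDR={local_tun}
""")
    remote = {"real_ip": "203.0.113.161", "port": 6790,
              "peer_ip": "203.0.113.159", "peer_port": 6789,
              "local_ptp": remote_tun, "peer_ptp": local_tun}
    return check_tunnel(cfg, "203.0.113.159", remote, LAN)

if __name__ == "__main__":
    print(sample("192.168.1.23", "192.168.1.22"))  # LAN addresses reused for the tunnel
    print(sample("10.0.0.2", "10.0.0.3"))          # separate tunnel subnet
```
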