Since you changed the iptables to get incoming packets, wouldn't it be
your iptables blocking traffic like crazy?
Good luck, Jan
Ann wrote:
> Hi,
>
> I am trying to establish a VPN using CIPE between a Redhat Linux 9
> server and a Windows 2000 server.
>
> For example, my Linux server's
> external ip address : 67.xx.xx.101
> internal ip address : 192.168.1.101
> cipe ip address : 10.0.0.4
> cipe port : 6789
>
> 1) I set up CIPE on the Linux server. And when I run netstat -anp,
> I get the following:
>
>
> Protocol Recv-Q Send-Q Local Address       Foreign Address  State        PID/Program Name
> ----------------------------------------------------------------------------------------
> udp      0      0      192.168.1.101:6789  0.0.0.0:*        ESTABLISHED  18133/ciped-cb
>
> But I had edited the file /etc/sysconfig/iptables to allow incoming
> UDP packets
>
> -A INPUT -p udp -m udp -s 98.63.210.132 -d 67.xx.xx.101 --sport 6790 --dport 6789 -j ACCEPT
>
> where 67.xx.xx.101 : Linux m/c external ip address
> 98.63.210.132 : Windows m/c external ip address
>
> And also edited a file: /etc/sysconfig/network-scripts/ifcfg-cipcb0
>
> DEVICE = cipcb0
> ONBOOT = yes
> USERCTL = yes
> MYPORT = 6789
> PEER = 98.63.210.132:6790
> PTPADDR = 10.0.0.5
> IPADDR = 10.0.0.4
>
> So when I run netstat -a, shouldn't I get the following?
>
>
> Protocol Recv-Q Send-Q Local Address       Foreign Address     State        PID/Program Name
> -------------------------------------------------------------------------------------------
> udp      0      0      192.168.1.101:6789  98.63.210.132:6790  ESTABLISHED  18133/ciped-cb
>
>
> 2) And on the Windows machine, I have created a new network connection
> for CIPE with 10.0.0.5 as the IP address.
>
> And on the CIPE Control Panel applet, the following settings are used:
> Local IP address : 98.63.210.132 Port : 6790
> Peer IP Address : 67.xx.xx.101 Port : 6789
> Local PTP Address : 10.0.0.5
> Peer PTP Address : 10.0.0.4
>
> And I specified the same key here as that in options.cipcbo on the
> Linux machine.
>
> When I do netstat -a, I get the following:
>
>
> Proto Local Address Foreign Address State
> ------------------------------------------------------------
>
> TCP 10.0.0.5:139 0.0.0.0:0 LISTENING
> TCP 10.0.0.5:389 10.0.0.5:3044 ESTABLISHE
> TCP 10.0.0.5:389 10.0.0.5:4397 TIME_WAIT
> TCP 10.0.0.5:445 10.0.0.5:3030 ESTABLISHE
> TCP 10.0.0.5:1025 10.0.0.5:3058 ESTABLISHE
> TCP 10.0.0.5:3030 10.0.0.5:445 ESTABLISHE
> TCP 10.0.0.5:3044 10.0.0.5:389 ESTABLISHE
> TCP 10.0.0.5:3058 10.0.0.5:1025 ESTABLISHE
> TCP 10.0.0.5:4274 10.0.0.5:389 CLOSE_WAIT
> TCP 10.0.0.5:4391 10.0.0.5:1433 TIME_WAIT
> UDP 10.0.0.5:53 *:*
> UDP 10.0.0.5:88 *:*
> UDP 10.0.0.5:137 *:*
> UDP 10.0.0.5:138 *:*
> UDP 10.0.0.5:389 *:*
> UDP 10.0.0.5:464 *:*
> UDP 10.0.0.5:500 *:*
>
> I don't have any entry showing a listening port on 6790.
>
>
> I cannot ping from either machine to the other. Can someone help me
> out? I have been working on this for the past week, without any
> success.
>
> Any help will be very much appreciated.
>
> Thanks,
> Ann