Skip to main content

Ralsina.Me — Roberto Alsina's website

Setting up VPNs easily with CIPE

This is a quick and dirty guide to set­ting up VP­Ns us­ing CIPE. A very wa­tered down ver­sion of a class I give on the sub­jec­t.

Hope­ful­ly, it will ex­plain how to do that kind of thing, since CIPE is cool :-)

Roberto Alsina / 2006-04-03 04:45:

Well, I lack any windows boxes to try that, but I will give it a shot. Maybe in a few days :-)

Enrique Arizón / 2006-04-03 04:45:

I miss an explanation of the windows client setup, since it's ussual the "use-case" of a final user connecting a Windows client (telephone PPP and cipe NIS for Windows -http://cipe-win32.sourceforge.net/-) through the internet to its office Linux VPN/Router. I know its possible to do that with Linux, since I have seen it working in a production environment, but I tried with no success to do that same. The problem is that Windows client setup documentation is really bad.

Roberto Alsina / 2006-04-03 04:46:

I am writing a similar article about pkcipe, and yes, if you want rad-warrioring, pkcipe is the right tool.



A detailed ip-up writeup would be kinda tricky, since it involves knowing how to write shell scripts, and I am trying to keep these basic. But maybe :-)

Roberto Alsina / 2006-04-03 04:47:

Well, the consensus seems to be that a windows version of the tutorial is needed. SO, I should install one of those weird OSs in a VMWare box.



I have been looking at pkcipe, and the docs in the CIPE site seem more or less adequate (although they suffer the usual problem of being a reference, not a guide), so that is for later.

S. Krishnan / 2006-04-03 04:47:

I have two CIPE based VPNs running at present: one is Linux Static IP/ Linux dynamic IP, and one is Linux Static IP/ Windows 2000 behind a firewall with a dynamic public IP. The Linux/ Linux setup worked out of the box, and is very stable. I had a little problem with the Windows conenction (as expected), but found the essential problem here to be that the Windows CIPE service generally dies the first time the system comes up. If the service is set to automatically restart in the Windows 2000 Service Control Manager, it works beautifully. The thing to note here is that the restart does take a little time, so that the user login is slowed down by that much. As an earlier poster mentioned, the Windows CIPe documentation is rather incomplete, so I had to figure out quite a bit on my own, with the help of Ethereal and tcpdump.

mikec / 2006-04-03 11:03:

checking for kernel include tree... configure: error: no suitable configured kernel include tree found

Roberto Alsina / 2006-04-03 11:06:

mikec: cipe includes a kernel module. You need to have the kernel sources installed.



Also, cipe doesn´t work with a 2.6 kernel, it must be a 2.4