From owner-freebsd-questions Fri Nov 27 19:33:48 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id TAA27954 for freebsd-questions-outgoing; Fri, 27 Nov 1998 19:33:48 -0800 (PST) (envelope-from owner-freebsd-questions@FreeBSD.ORG) Received: from lily.ezo.net (lily.ezo.net [206.102.130.13]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id TAA27949 for ; Fri, 27 Nov 1998 19:33:47 -0800 (PST) (envelope-from jflowers@ezo.net) Received: from crocus (c3-1d196.neo.rr.com [24.93.233.196]) by lily.ezo.net (8.8.7/8.8.7) with SMTP id WAA00511; Fri, 27 Nov 1998 22:33:28 -0500 (EST) Message-ID: <00a801be1a88$4d302d70$848266ce@crocus.ezo.net> From: "Jim Flowers" To: , Subject: Re: SKIP Headscratcher - The Solution Date: Fri, 27 Nov 1998 23:33:50 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 4.72.2106.4 X-Mimeole: Produced By Microsoft MimeOLE V4.72.2106.4 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Archie, Even better better than that. Your port for FreeBSD 2.2.7 included the patch so it was just a matter of using the -f flag to identify the source address and it now works OK. Could have saved myself a lot of typing if I had read the documentation more carefully or the skip-info thread that covered this potential behavior, adequately. Another thing I discovered, to my cost, is that CDP to setup tunnels between networks can be a problem unless you first put the far-end skiphost into the tunnel. This can be done quite easily by swapping "skiplocal export" scripts via some secure means. Thanks. Great port. -----Original Message----- From: Archie Cobbs Newsgroups: sita.freebsd.questions To: komkmo@therion.kar.net ; Jim Flowers Cc: skip-info@skip.org ; freebsd-questions@FreeBSD.ORG Date: Thursday, November 26, 1998 9:23 PM Subject: Re: SKIP Headscratcher (Long - and knotty) >Jim Flowers writes: >> So the only conclusion I can draw is that SKIP and the VPN is operating just >> as designed but some router (or routers) somewhere on the Internet is noting >> the non-routable IP address for the SOURCE ADDRESS and is discarding the >> packets instead of forwarding them. > >I think the current incarnation of the SKIP port includes a patch >that lets you replace the source address with that of the tunnel >endpoint router (ie, with a real routable address). Looks like >doing this is the only way out of the jam.. > >-Archie > >___________________________________________________________________________ >Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message