Chapter 6. Virtual Private Networks
You must also add routing rules to the client machine to access the nodes behind the CIPE connection as if they were on the local network. This can be done by running the route command. For our example, the client workstation would need to add the following network route:

route add -net 192.168.1.0 netmask 255.255.255.0 gw 10.0.1.2

The following shows the final /etc/cipe/ip-up.local script for the client workstation:
#!/bin/bash -v
# $1 is the CIPE interface name passed to ip-up.local.
if [ -f "/etc/sysconfig/network-scripts/ifcfg-$1" ] ; then
        . "/etc/sysconfig/network-scripts/ifcfg-$1"
else
        cat <<EOT | logger
Cannot find config file ifcfg-$1. Exiting.
EOT
        exit 1
fi

# Fall back to the routing table only when PEERROUTEDEV was not set by ifcfg-$1.
if [ -z "${PEERROUTEDEV}" ]; then
        cat <<EOT | logger
Cannot find a default route to send cipe packets through!
Punting and hoping for the best.
EOT
        # Use routing table to determine peer gateway
        export PEERROUTEDEV=`/sbin/route -n | grep ^0.0.0.0 | head -n 1 \
           | awk '{ print $NF }'`
fi

####################################################
# Add The routes for the remote local area network #
####################################################
route add -host 10.0.1.2 dev "$PEERROUTEDEV"
route add -net 192.168.1.0 netmask 255.255.255.0 dev "$1"

####################################################
# IP TABLES Rules to restrict traffic              #
####################################################
# The kernel module is named ip_tables.
/sbin/modprobe ip_tables
/sbin/service iptables stop
# A built-in chain policy must be ACCEPT or DROP; REJECT is only valid as a rule target.
/sbin/iptables -P INPUT DROP
/sbin/iptables -F INPUT
/sbin/iptables -A INPUT -j ACCEPT -p udp -s 10.0.1.2
/sbin/iptables -A INPUT -j ACCEPT -i "$1"
/sbin/iptables -A INPUT -j ACCEPT -i lo
/sbin/iptables -t nat -A POSTROUTING -s 192.168.0.0/24 -o eth0 -j MASQUERADE
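
Once the link is up, the two routes the script installs can be verified from the routing table. The following check is an added example, not part of the original guide; the interface name cipcb0, the 192.168.0.1 gateway and the sample table are assumptions constructed for illustration.

```shell
#!/bin/bash
# Added example (not from the guide): confirm the routes ip-up.local should add.
# Both functions read `route -n` style output on stdin, so they run offline.

# Constructed sample table; cipcb0 and the 192.168.0.1 gateway are assumptions.
SAMPLE_TABLE='Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
10.0.1.2        0.0.0.0         255.255.255.255 UH    0      0        0 eth0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 cipcb0
0.0.0.0         192.168.0.1     0.0.0.0         UG    0      0        0 eth0'

# Interface of the first default route: the lookup the script performs with
# grep/head/awk, done in one awk pass.
default_route_dev() {
    awk '$1 == "0.0.0.0" { print $NF; exit }'
}

# check_cipe_routes PEER LAN_NET LAN_MASK CIPE_DEV
# 0 = both routes present, 1 = a route is missing, 2 = no default route.
check_cipe_routes() {
    local peer="$1" net="$2" mask="$3" cdev="$4" table dev
    table=$(cat)
    dev=$(printf '%s\n' "$table" | default_route_dev)
    [ -n "$dev" ] || { echo "no default route found"; return 2; }
    printf '%s\n' "$table" | awk -v peer="$peer" -v net="$net" \
        -v mask="$mask" -v dev="$dev" -v cdev="$cdev" '
        $1 == peer && $3 == "255.255.255.255" && $NF == dev  { host = 1 }
        $1 == net  && $3 == mask              && $NF == cdev { lan = 1 }
        END {
            if (!host) print "missing host route to " peer " on " dev
            if (!lan)  print "missing route to " net " on " cdev
            if (host && lan) print "routes OK"
            exit !(host && lan)
        }'
}

# Demonstration on the constructed table above.
printf '%s\n' "$SAMPLE_TABLE" |
    check_cipe_routes 10.0.1.2 192.168.1.0 255.255.255.0 cipcb0
```

On a live client, pipe the real table in instead: /sbin/route -n | check_cipe_routes 10.0.1.2 192.168.1.0 255.255.255.0 cipcb0
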
6.2.5. Customizing CIPE
CIPE can be configured in numerous ways, from passing parameters as command line arguments when starting ciped to generating new shared static keys. This allows a security administrator the flexibility to customize CIPE sessions to ensure security as well as increase productivity. The following chart details some of the command line parameters when running ciped.