Chapter 6. Virtual Private Networks
65
Note
The most common parameters should be placed in the /etc/cipe/options.cipcbx file for auto
matic loading at runtime. Be aware that any parameters passed at the command line as options will
override respective parameters set in the /etc/cipe/options.cipcbx configuration file.
Parameter
Description
arg
Passes arguments to the
/etc/cipe/ip up
initialization script
cttl
Sets the Carrier Time To Live value; recommended value is 64
debug
Boolean value to enable debugging
device
Names the cipe device
ipaddr
Publicly routable IP address of the CIPE machine
ipdown
Choose an alternate
ip down
script than the default
/etc/cipe/ip down
ipup
Choose an alternate
ip up
script than the default
/etc/cipe/ip down
key
Specify a shared static key for CIPE connection
maxerr
Number of errors allowable before the CIPE daemon quits
me
UDP address of the CIPE machine
mtu
Set the device maximum transfer unit
nokey
Do not use encryption
peer
The peer's CIPE UDP address
ping
Set CIPE specific (non ICMP) keepalive ping interval
socks
IP address and port number of the SOCKS server for proxy connections
tokey
Set dynamic key lifetime; default is 10 minutes (600 seconds)
tokxc
Timeout value for shared key exchange; default is 10 seconds
tokxts
Shared key exchange timestamp timeout value; default is 0 (no
timestamps)
toping
Timeout value for keepalive pings; default is 0
Table 6 1. CIPE Parameters
6.2.6. CIPE Key Management
As previously mentioned, CIPE incorporates a secure combination of static link keys and encrypted
traffic to create a secure tunnel over carrier networks such as the Internet. The use of static, link keys
provides a common point of reference for two CIPE enabled networks to pass information securely.
Therefore, it is imperative that both CIPE enabled network gateways share the exact same key, or
CIPE communication will not be possible.
6.2.6.1. Generating CIPE Keys
Generating CIPE keys requires knowledge of what kind of keys are compatible. Random alphanu
footer
Our partners:
PHP: Hypertext Preprocessor Best Web Hosting
Java Web Hosting
Inexpensive Web Hosting
Jsp Web Hosting
Cheapest Web Hosting
Jsp Hosting
Cheap Hosting
Visionwebhosting.net Business web hosting division of Web
Design Plus. All rights reserved