Archie,
Even better better than that. Your port for FreeBSD 2.2.7 included the
patch so it was just a matter of using the -f flag
to identify the source address and it now works OK. Could have saved myself
a lot of typing if I had read the documentation more carefully or the
skip-info thread that covered this potential behavior, adequately.
Another thing I discovered, to my cost, is that CDP to setup tunnels between
networks can be a problem unless you first put the far-end skiphost into the
tunnel. This can be done quite easily by swapping "skiplocal export"
scripts via some secure means.
Thanks. Great port.
-----Original Message-----
From: Archie Cobbs <[EMAIL PROTECTED]>
Newsgroups: sita.freebsd.questions
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; Jim Flowers
<[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED] <[EMAIL PROTECTED]>; [EMAIL PROTECTED]
<[EMAIL PROTECTED]>
Date: Thursday, November 26, 1998 9:23 PM
Subject: Re: SKIP Headscratcher (Long - and knotty)
>Jim Flowers writes:
>> So the only conclusion I can draw is that SKIP and the VPN is operating
just
>> as designed but some router (or routers) somewhere on the Internet is
noting
>> the non-routable IP address for the SOURCE ADDRESS and is discarding the
>> packets instead of forwarding them.
>
>I think the current incarnation of the SKIP port includes a patch
>that lets you replace the source address with that of the tunnel
>endpoint router (ie, with a real routable address). Looks like
>doing this is the only way out of the jam..
>
>-Archie
>
>___________________________________________________________________________
>Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com
>
>To Unsubscribe: send mail to [EMAIL PROTECTED]
>with "unsubscribe freebsd-questions" in the body of the message
>
