CIPE-Win32 v2.0-pre14 README
——————————————————————–
This package consists of a binary installation and a development
environment of and for CIPE-Win32 v2.0 beta. This document assumes
a working knowledge of CIPE and it’s installation requirements.
CIPE-Win32 is a port of Olaf Titz’s CIPE VPN software from Linux
to Windows NT.
This software implements a functional node in a CIPE network on
Windows NT4.0 SP3-SP6 and Windows 2000. I don’t know if any DOS-based
Window OS’S will work or Windows XP, others are welcome to attempt
installation.
I know this documentation is not “polished”. When the software is
working perfectly, I’ll do a nice HTML help system (unless someone
is willing to start it for me).
128 bit Blowfish encryption is supported at the moment. 128 bit IDEA
support is being worked on.
Thanks to Erik Wallin <ericw@sec.se> and Jan Olderdissen
<jolderdissen@ixiacom.com> for their help in debugging the device
driver and fixing some of my programmatic blind spots.
This software is freely distributable under the GNU public license, a
copy of which you should have received with this software (in a file
called COPYING).
——————————————————————–
Installation:
Uncompress the distribution (if not done already) to some directory
on the target computer (e.g. C:\TEMP\CIPE). Two subdirectories
should be created: disk1 and source.
Run the Windows NT Network Control Panel applet from the Control Panel.
Select the Adapters tab and press the Add… button. Choose Have Disk…
Enter the path to the disk1 subdirectory as above
e.g. C:\TEMP\CIPE\DISK1
Windows will install the driver files and then present a dialog with
the CIPE settings. Enter the settings to match the requirements of
your CIPE network. IP addresses can either be specified in numeric
form or as hostnames
Press Continue
Windows NT will prompt for additional IP information. The information
for the new adapter (which will be called CIPE<n>) will be redundant
and needn’t be entered. The installer will ask you if you want to install
the CIPE service. Continuing, the binding engine will run and,
on completion, you will be prompted to reboot the machine. If you agreed to
install the CIPE service, you may, at this stage, go into the Devices
Control Panel applet and set the startup mode for CIPE to “manual”.
You may also do this for the Service CIPE_Daemon in the Services Control
Panel applet. After rebooting you can start each of these manually; it
doesn’t matter what order. This will prevent you from acquiring an
“unbootable” system where the driver is automatically started
and crashes the system on every reboot. This circumstance is not occurring
for me but we are dealing with Windows…
Adding and deleting peer information is done through the CIPE control
panel applet. Changes done here will never require a reboot and should be
considered live. If the CIPE service is active when the applet starts, it
will restart it only if there are any changes made to the configuration.
After rebooting (and starting the service and driver), you should be able
(assuming that the peer is properly configured) to ping across the VPN.
You can change the CIPE settings by revisiting the Network Control Panel
applet, selecting the adapter you want and pressing Properties… You will
have to reboot after any changes, unfortunately.
You can add more adapters by repeating the same installation procedure
as described above. The driver and service will support multiple adapters
with different endpoints.
——————————————————————–
Compiling:
In the source directory, you will find several subdirectories and a Makefile
the distribution is designed to be built from the source directory by
running NMAKE in a valid DDK build environment (checked or free). Running
NMAKE install
Will update the files in the disk1 directory. The subdirectories are :-
cipdrvr: The Ndis miniport adapter driver
cipsrvr: The user mode service
cipapplt: The control panel applet
cipcfg: The oemsetup.inf files
The directories do contain interdependencies. Moving things around may cause
build failures. Read the Makefiles for a better understanding.
——————————————————————–
My email address is dwilson@ibl.bm. I can be reached there or (preferably) by
mailing to the CIPE mailing list at cipe-l@inka.de.
Damion K. Wilson