<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=ISO-8859-1" http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
I actually found my problem to be firewall related. I had my own
custom firewall script that I've been running and modifing for the last
3 years or so .... well just on a hunch i tried one of the prefab
firewalls that was reccamended in the docs
(<a class="moz-txt-link-freetext" href="http://heimdall.asgardsrealm.net/linux/firewall/">http://heimdall.asgardsrealm.net/linux/firewall/</a>) and low and behold
... my VPN worked. I'd be glad to help you out if you need any
help..... I spent many a late night trying to figure out what my
problem was .....<br>
<br>
Luis Rodrigues wrote:
<blockquote cite="mid20041004160441.6BFA2138031@tla.xelerance.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html; ">
<meta name="Generator" content="Microsoft Word 11 (filtered medium)">
<!--[if !mso]>
<style>
v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p.MsoPlainText, li.MsoPlainText, div.MsoPlainText
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
pre
{margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
span.EstiloCorreioElectrnico18
{mso-style-type:personal;
font-family:Arial;
color:windowtext;}
span.EstiloCorreioElectrnico19
{mso-style-type:personal-reply;
font-family:Arial;
color:navy;}
@page Section1
{size:595.3pt 841.9pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.Section1
{page:Section1;}
-->
</style>
<div class="Section1">
<p class="MsoNormal"><font face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial;">OK, at least I’m not the
only one with this problem. I’ve
found this in the mailing list:<o:p></o:p></span></font></p>
<p class="MsoNormal"><font color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;">It’s from P,
</span></font>ipsec at
dogclan.com .<o:p></o:p></p>
<p class="MsoNormal"><font face="Times New Roman" size="3"><span
style="font-size: 12pt;"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font face="Times New Roman" size="3"><span
style="font-size: 12pt;">Anyone with an answer?</span></font><font
color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p></o:p></span></font></p>
<p class="MsoNormal"><font color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p> </o:p></span></font></p>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">The tunnels come up and I can ping across the vpn with no problem. I <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">can ping from a client machine to another client, ect. But that's it. <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">I can do anthing else. Cant access shares, can't connect via remote <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">desktop, can't connect to another remote admin program I've installed <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">for testing, can't connect to a mail server that's on the other side of <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">the vpn. It seems the only thing I can do is ping. I'm not getting any <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">firewall hits if I watch /var/log/messages while trying to use any of <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">the previously mentions apps so I'm sure it's not firewall stopping it. <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">I've tried running the app from subnet 1 and run tcpdump on eth1 on <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">gateway 2 and I see the packets going across that interface. At this <o:p></o:p></span></font></i></pre>
<pre><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">point I'm pretty stumped.<o:p></o:p></span></font></i></pre>
<p class="MsoNormal"><font color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font face="Times New Roman" size="3"><span
style="font-size: 12pt;">Anyone with an answer?</span></font><font
color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p></o:p></span></font></p>
<p class="MsoNormal"><font color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p> </o:p></span></font></p>
<p class="MsoNormal"><font color="navy" face="Arial" size="2"><span
style="font-size: 10pt; font-family: Arial; color: navy;"><o:p> </o:p></span></font></p>
<div>
<div class="MsoNormal" style="text-align: center;" align="center"><font
face="Times New Roman" size="3"><span style="font-size: 12pt;">
<hr tabindex="-1" align="center" size="2" width="100%"></span></font></div>
<p class="MsoNormal"><b><font face="Tahoma" size="2"><span
style="font-size: 10pt; font-family: Tahoma; font-weight: bold;">De:</span></font></b><font
face="Tahoma" size="2"><span
style="font-size: 10pt; font-family: Tahoma;">
<a class="moz-txt-link-abbreviated" href="mailto:users-bounces@openswan.org">users-bounces@openswan.org</a> [<a class="moz-txt-link-freetext" href="mailto:users-bounces@openswan.org">mailto:users-bounces@openswan.org</a>] <b><span
style="font-weight: bold;">Em nome de </span></b>Luis Rodrigues<br>
<b><span style="font-weight: bold;">Enviada:</span></b>
segunda-feira, 4 de
Outubro de 2004 16:26<br>
<b><span style="font-weight: bold;">Para:</span></b>
<a class="moz-txt-link-abbreviated" href="mailto:users@openswan.org">users@openswan.org</a><br>
<b><span style="font-weight: bold;">Assunto:</span></b> [Openswan
Users] Can
ping, but can't do anything else</span></font><o:p></o:p></p>
</div>
<p class="MsoNormal"><font face="Times New Roman" size="3"><span
style="font-size: 12pt;"><o:p> </o:p></span></font></p>
<p class="MsoPlainText"><font face="Courier New" size="2"><span
style="font-size: 10pt;">I’ve sent this mail to the list, but no one
reply’ed it.
Can anyone help me?<o:p></o:p></span></font></p>
<p class="MsoPlainText"><font face="Courier New" size="2"><span
style="font-size: 10pt;">I’ve been working on this for weeks now, and
i’m getting
desperate!<o:p></o:p></span></font></p>
<p class="MsoPlainText"><font face="Courier New" size="2"><span
style="font-size: 10pt;"><o:p> </o:p></span></font></p>
<p class="MsoPlainText"><font face="Courier New" size="2"><span
style="font-size: 10pt;"><o:p> </o:p></span></font></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;"><o:p> </o:p></span></font></i></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">I've found something
quite strange
with tcpdump.<o:p></o:p></span></font></i></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;"><o:p> </o:p></span></font></i></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">using tcpdump in the
eth0, the one that
connects to the router, i found out that when i ping the remote host,
i
can see the (at lesat i think it is) ESP packets going, but the reply
packets
come in the clear, marked with icmp reply.<o:p></o:p></span></font></i></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;"><o:p> </o:p></span></font></i></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">Is this normal?<o:p></o:p></span></font></i></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;"><o:p> </o:p></span></font></i></p>
<p class="MsoPlainText"><i><font face="Courier New" size="2"><span
style="font-size: 10pt; font-style: italic;">The strange thing is that
icmp works
no matter what routing setup i test, but nothing else works. I really
need to
use windows machines, and i have a big problem on my hands.....<o:p></o:p></span></font></i></p>
<p class="MsoPlainText"><i><font color="navy" face="Courier New"
size="2"><span
style="font-size: 10pt; color: navy; font-style: italic;"><o:p> </o:p></span></font></i></p>
<p class="MsoNormal"><font face="Times New Roman" size="3"><span
style="font-size: 12pt;"><o:p> </o:p></span></font></p>
</div>
<pre wrap="">
<hr size="4" width="90%">
_______________________________________________
Users mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Users@openswan.org">Users@openswan.org</a>
<a class="moz-txt-link-freetext" href="http://lists.openswan.org/mailman/listinfo/users">http://lists.openswan.org/mailman/listinfo/users</a>
</pre>
</blockquote>
</body>
</html>