when I ping the internal interface of the vpn gateway <a href="http://172.16.8.1"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.16.8.1" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.16.8.1</a> i get response from default gateway "host unrechable". there is no route to that network on any of the hosts. why the packets destined to that
<a href="http://172.16.8.0"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "172.16.8.0" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 172.16.8.0</a> network are sent to default gateway? they should be sent to the tunnel (in this case vpn gateway adderess which is <a href="http://10.1.1.100"></b></font><font color="red"><b>MailScanner has detected a possible fraud attempt from "10.1.1.100" claiming to be</b></font> <font color="red"><b>MailScanner warning: numerical links are often malicious: 10.1.1.100</a>) is this correct? you were right the IP forwarding on the gateway was disabled, but i need that to reach any hosts on that network but i should be able to reach the internal interface even when the IP forwarding is disabled, at least i could from the default gateway.
<br><br>
<div><span class="gmail_quote">On 5/4/06, <b class="gmail_sendername">Paul Wouters</b> <<a href="mailto:paul@xelerance.com">paul@xelerance.com</a>> wrote:</span>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">On Thu, 4 May 2006, Freight Car wrote:<br><br>> I am trying to setup openswan gateway, so users can connect to it and access
<br>> NAT network behind this gateway. I got lsipsectool now, it says the tunnel<br>> is active but i can not ping the internal interface of the gateway (I shoud<br>> be able to, right?).<br><br>Yes you should. Run ipsec verify. You are either not forwarding, dropping
<br>packets in the firewall, or accidentally NATting ipsec packets.<br><br>Paul<br></blockquote></div><br>