<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 TRANSITIONAL//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=UTF-8">
<META NAME="GENERATOR" CONTENT="GtkHTML/3.0.10">
</HEAD>
<BODY>
Maybe a silly problem but for a stupid guy like me are a huge problem....<BR>
<BR>
The machines are not in production and the internet is emulated by another linux box with only ip_forward = 1.<BR>
<BR>
Right Network Right Server Left Server Left Network<BR>
10.210.21.0------10.210.21.1/192.168.200.100 ---(internet)---200.178.78.1/10.20.10.60-----10.20.0.0<BR>
eth1 eth0 eth0 eth1<BR>
<BR>
Any network test from the Right Clients to the Left Network are OK.<BR>
Ane test directly from the Right Server to the Left Network are NOT OK.<BR>
<BR>
RESUMING: The Right clients are OK bur the Right server itself DONT!!! Really stupid!!<BR>
<BR>
The IPSEC tunnel is ok, the packets are encripted between the eth0's, but only if they come from the Right Network Clients.<BR>
Another information, the Left Server can ping the Right Server but only if we do an "ping 10.210.21.1 -I eth1".<BR>
<BR>
In the IPTRAF I can see "ICMP dest unrch from 10.210.21.1 to 10.210.21.1 on lo" in the Right Server wen trying to ping the Left Server.<BR>
<BR>
Maybe I have to create another tunnel just for the traffic from the server to the Left Network.<BR>
<BR>
Regards,<BR>
Augusto PIzarro<BR>
Rio de Janeiro - Brazil<BR>
<TABLE CELLSPACING="0" CELLPADDING="0" WIDTH="100%">
<TR>
<TD>
<BR>
</TD>
</TR>
</TABLE>
</BODY>
</HTML>