<div id="mb_0">
<div>Hi all,</div>
<div> </div>
<div>I've set-up a tunnel between an openwrt White Russian 0.9 release and debian sid with openswan 2.4.6 with a 2.6.17 kernel.</div>
<div> </div>
<div>First digression to note is that I have had this combination working previously prior to WR 0.9.</div>
<div> </div>
<div>The tunnel works from the wrt end, through put is perfectly stable. </div>
<div>from the debian end I am unable to ping through the tunnel with errors ...reply from X.X.X.X destination net unreachable.</div>
<div>x.x.x.x is the next hop to the DSL router connected to the debian box, i.e. gateway to gateway.</div>
<div> </div>
<div>This leads me to suspect that new traffic from the debian end is being forwarded unencrypted.</div>
<div> </div>
<div>Other tunnels on the Debian box are OK.</div>
<div> </div>
<div> Subnet A <==>DEB<=>SHDSL <======================> CABLE MODEM<=> WRT==>Subnet B</div>
<div> </div>
<div>In brief subnet B can access subnet A, but subnet A cannot access B.</div>
<div>Nothing trapped in firewall logs.</div>
<div> </div>
<div>The route table is correct... Although it should be noted that tunnels look like they should.</div>
<div> </div>
<div>Other thing to note is that traceroutes to and from the wrt to the debian ends indicate different IP for the nexthop on the wrt side.</div>
<div>When using the alternate nexthop address from the debian end in both conf files, the tunnel succeeds, but automatic addition of the associated route fails at the wrt end. </div>
<div>Creating the route manually at the wrt end, results in successful throughput to the B subnet<font style="BACKGROUND-COLOR: #ffffff"> (wrt) to A Subnet (deb)</font>, but alas nothing from the A end to the B.</div>
<div> </div>
<div>Has anyone ever seen such an anomoly?</div>
<div> </div>
<div>I'm wondering if it might have something to do with the protocol 4 bug in 2.6.17 that has been reported previously?</div>
<div> </div>
<div>I've had to modify iptables on this box to accomodate the IP in IP protocol bug.</div>
<div> </div>
<div>Running out of ideas, anyone have any suggestions?</div>
<div> </div>
<div>Lew</div></div>