I have two Linux boxes, connected via Openswan. The tunnel starts up correctly, routes are visible, and everything seems to be ok.

From the remote side, I can easily connect to my extruded subnet without issue. For example, I have 192.168.0.0/24 extruded, and I can connect to .50, .60, .1 without issue. I can initiate TCP connections, there are no problems. ICMP works fine too.

However, when I try to initiate a connection from the local side, I cannot connect to the remote side's IP. The route is visible via the ip route or route command, but the traffic simply leaves the routed interface without encryption. For example, I have 192.168.15.90 extruded to the local side, and its IP shows via 'route' as being routed to the ppp0 device. However, mtr or traceroutes show all the traffic simply flying out ppp0 unencrypted, in a doomed-to-fail attempt to reach .90 via the open net.

Since traffic is functioning correctly when initiated one way, something quite weird is definitely happening. Does anyone have any obviously overlooked suggestions for me, prior to getting arm deep into configuration, iptables and route configuration? As a side note, this box does support Windows clients successfully. There are currently a half dozen connected right now, encryption functioning both ways, in an L2TP/IPsec config.

I've looked at my NAT settings, and I do not see how output to 192.168.15.90 could be hit by a NAT rule of any sort.

Any help appreciated, please CC me, I'm not on the list!

Thanks!