<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:st1="urn:schemas-microsoft-com:office:smarttags" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<meta name=Generator content="Microsoft Word 11 (filtered medium)">
<o:SmartTagType namespaceuri="urn:schemas-microsoft-com:office:smarttags"
name="place"/>
<!--[if !mso]>
<style>
st1\:*{behavior:url(#default#ieooui) }
</style>
<![endif]-->
<style>
<!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
h2
{margin-top:12.0pt;
margin-right:0cm;
margin-bottom:3.0pt;
margin-left:36.85pt;
text-indent:-19.85pt;
page-break-after:avoid;
mso-list:l0 level1 lfo2;
font-size:12.0pt;
font-family:Arial;}
a:link, span.MsoHyperlink
{color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{color:purple;
text-decoration:underline;}
p.Normal2, li.Normal2, div.Normal2
{margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:1.0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:Arial;}
p.Comando, li.Comando, div.Comando
{margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:106.8pt;
margin-bottom:.0001pt;
text-indent:-18.0pt;
mso-list:l1 level1 lfo3;
font-size:12.0pt;
font-family:"Courier New";}
p.File, li.File, div.File
{margin-top:0cm;
margin-right:0cm;
margin-bottom:0cm;
margin-left:55.2pt;
margin-bottom:.0001pt;
background:#CCCCCC;
border:none;
padding:0cm;
font-size:9.0pt;
font-family:"Courier New";
color:navy;}
span.EstiloCorreo20
{mso-style-type:personal-compose;
font-family:Arial;
color:windowtext;}
@page Section1
{size:595.3pt 841.9pt;
margin:70.85pt 3.0cm 70.85pt 3.0cm;}
div.Section1
{page:Section1;}
/* List Definitions */
@list l0
{mso-list-id:249430681;
mso-list-type:hybrid;
mso-list-template-ids:206608104 -1767744844 201981977 201981979 201981967 201981977 201981979 201981967 201981977 201981979;}
@list l0:level1
{mso-level-number-format:alpha-upper;
mso-level-style-link:"Título 2";
mso-level-tab-stop:36.85pt;
mso-level-number-position:left;
margin-left:36.85pt;
text-indent:-19.85pt;}
@list l1
{mso-list-id:451946762;
mso-list-type:hybrid;
mso-list-template-ids:517127894 1664363986 201981955 201981957 201981953 201981955 201981957 201981953 201981955 201981957;}
@list l1:level1
{mso-level-number-format:bullet;
mso-level-style-link:Comando;
mso-level-text:"\#";
mso-level-tab-stop:106.8pt;
mso-level-number-position:left;
margin-left:106.8pt;
text-indent:-18.0pt;
mso-ansi-font-size:12.0pt;
mso-bidi-font-size:12.0pt;
font-family:"Courier New";
mso-bidi-font-family:"Times New Roman";
mso-ansi-font-weight:bold;
mso-ansi-font-style:normal;}
ol
{margin-bottom:0cm;}
ul
{margin-bottom:0cm;}
-->
</style>
</head>
<body lang=ES link=blue vlink=purple>
<div class=Section1>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>Hi,<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>I set up a VPN between 2 Fedora Core 5 (Kernel 2.6.15-1.2054_FC5smp)
using OpenSwan 2.4.4<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>Tunnels are OK!<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'># service ipsec status<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>IPsec running - pluto
pid: 23992<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>pluto pid 23992<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>3 tunnels up<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'> <o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>If I ping from a machine in LAN A to a machine on the
remote LAN (B) it work OK<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'># ping 192.168.20.101<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><st1:place w:st="on"><font
size=2 face=Arial><span lang=EN-US style='font-size:10.0pt;font-family:Arial'>PING</span></font></st1:place><font
size=2 face=Arial><span lang=EN-US style='font-size:10.0pt;font-family:Arial'>
192.168.20.101 (192.168.20.101) 56(84) bytes of data.<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>64 bytes from
192.168.20.101: icmp_seq=1 ttl=126 time=53.1 ms<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>64 bytes from
192.168.20.101: icmp_seq=2 ttl=126 time=49.9 ms<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'># tcpdump -nli eth0 proto 50<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'> 14:37:38.939450 IP XXX.XXX.XX.XX > YYY.YYY.YYY.YYY:
ESP(spi=0x3cec758d,seq=0x3), length 132<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>14:37:38.989187 IP YYY.YYY.YYY.YYY
> XXX.XXX.XX.XX: ESP(spi=0x8a87736f,seq=0x3), length 132<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>14:37:39.940881 IP XXX.XXX.XX.XX
> YYY.YYY.YYY.YYY: ESP(spi=0x3cec758d,seq=0x4), length 132<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>14:37:39.992031 IP YYY.YYY.YYY.YYY
> XXX.XXX.XX.XX: ESP(spi=0x8a87736f,seq=0x4), length 132<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>It see very OK! … But when I try any other
protocol like SSH, it don’ work from a machine in LAN A to a remote machine
in LAN B<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'># ssh 192.168.20.101<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>No ESP traffic is seen in eth0. But I see not encrypted
and not NATed packets in eth0<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'># tcpdump -nli eth0 | grep 192.168.<o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>14:44:08.752777 IP
192.168.0.222.51379 > 192.168.20.101.ssh: S 1950168007:1950168007(0) win
5840 <mss 1460,sackOK,timestamp 155885933 0,nop,wscale 2><o:p></o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'>14:44:11.753190 IP
192.168.0.222.51379 > 192.168.20.101.ssh: S 1950168007:1950168007(0) win
5840 <mss 1460,sackOK,timestamp 155886683 0,nop,wscale 2><o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>In iptables I have the following rule to NAT at eth0:<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>-A POSTROUTING -o eth0 ! -d 192.168.0.0/255.255.0.0
-j MASQUERADE<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>I do exactly the same in WhiteBox and it work fine…
In fedora Core 4 I have this problem.<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>Any idea what cause this problem?<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>Tomas<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'>P.D.: sorry my bad English<o:p></o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal><font size=2 face=Arial><span lang=EN-US style='font-size:
10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
<p class=MsoNormal style='text-indent:35.4pt'><font size=2 face=Arial><span
lang=EN-US style='font-size:10.0pt;font-family:Arial'><o:p> </o:p></span></font></p>
</div>
</body>
</html>