<br>Linux Openswan Uopenswan-2.4.9-31.el4/K2.6.18-128.1.6.el5 (netkey)<br><br>from one moment to another are linked but not pin or pass data from one end to another<br><br>my provider is telefonica<br><br>correctly assumes that the connection established, but the pins from the subnet to another subnet: ping reaches the other side, the machine responds the ping, but ping does not reach the other machine did not even see on the iptraf it arrives.<br>
<br>up the connection and I get this:<br># ipsec auto --up conexion<br><br>104 &quot;conexion&quot; #12: STATE_MAIN_I1: initiate<br>003 &quot;conexion&quot; #12: received Vendor ID payload [Openswan (this version) 2.4.15  PLUTO_SENDS_VENDORID PLUTO_USES_KEYRR]<br>
003 &quot;conexion&quot; #12: received Vendor ID payload [Dead Peer Detection]<br>106 &quot;conexion&quot; #12: STATE_MAIN_I2: sent MI2, expecting MR2<br>108 &quot;conexion&quot; #12: STATE_MAIN_I3: sent MI3, expecting MR3<br>
004 &quot;conexion&quot; #12: STATE_MAIN_I4: ISAKMP SA established {auth=OAKLEY_RSA_SIG cipher=oakley_3des_cbc_192 prf=oakley_md5 group=modp1536}<br>117 &quot;conexion&quot; #13: STATE_QUICK_I1: initiate<br>004 &quot;conexion&quot; #13: STATE_QUICK_I2: sent QI2, IPsec SA established {ESP=&gt;0xe18c4562 &lt;0x88a77768 xfrm=AES_0-HMAC_SHA1 IPCOMP=&gt;0x0000c07b &lt;0x0000a194 NATD=none DPD=none}<br>
<br><br><br>ipsec.conf :<br><br>version 2.0<br>config setup<br>        interfaces=%defaultroute<br>        nat_traversal=yes<br>        klipsdebug=all<br>        plutodebug=none<br><br>conn %default<br>        keyingtries=3<br>
        compress=yes<br>        disablearrivalcheck=no<br>        ikelifetime=20m<br>        keylife=60m<br>        rekey=no<br>        authby=rsasig<br>        leftrsasigkey=%cert<br>        rightrsasigkey=%cert<br><br><br>
conn conexion<br>        keyingtries=1<br>        type=tunnel<br>        authby=rsasig<br>        rekey=yes<br>        left=200.48.225.2<br>        leftsubnet=<a href="http://10.10.9.0/16">10.10.9.0/16</a><br>        leftid=@<a href="http://200.48.225.2">200.48.225.2</a><br>
        leftnexthop=200.48.225.1<br>        leftrsasigkey=0sAQ...<br>        right=192.0.2.9<br>        rightsubnet=<a href="http://10.11.1.0/24">10.11.1.0/24</a><br>        rightid=@<a href="http://192.0.2.9">192.0.2.9</a><br>
        rightnexthop=192.0.2.8<br>        rightrsasigkey=0sAQ...<br>        auto=add<br><br>include /etc/ipsec.d/examples/no_oe.conf<br><br>help me please<br><br>PD: the selinux = disabled<br><br>