Hi All,<br><br>I have a network to network set up between two firewalls. I am having an issue with one firewall not routing traffic correctly that is passed over a VPN. I moved to OpenSwan after trying to get the ipsec tunnel working with racoon, however found some *very* queer behaviour. The setup is as follows:<br>
<br>Remote Location:<br>Centos 4.7<br>OpenSwann<br>eth3 - WAN connection<br>eth2 - LAN connection<br><br>This firewall is directly attached to the internet via the ethernet connection<br><br>Local Location:<br>Centos 4.7<br>
OpenSwann<br>(eth2) ppp0 - VoIP internet connection<br>(eth3) ppp1 - WAN internet connection<br>eth1 - Internal Network<br>eth0 - Wireless Network<br><br>The Tunnel between the two hosts establishes, and when sending ICMP traffic from inside the Local Connection to the Remote Connection, the traffic is received at the Local router, encapsulated .and tunneled and sent to the remote router, where is is decrypted and passed on the remote server (checked with Wireshark... almost said ethereal there...). The remote server replies, This reply then completes the trip over the VPN but never arrives at the computer on the LAN.<br>
<br>Further investigation showed that the ICMP reply packet is coming in the ppp1 interface, the packet is then being decrypted and is showing the decrypted packet on the ppp1 interface, not the local interface (eth1) where the destination IP would suggest the packet should go.<br>
<br>I was having a similar issues when trying to get this setup working using the inbuilt racoon tools. I got the tunnel connected and working and could pass ICMP traffic over the connection, however when trying to use any service that returns packets on a tcpmux port, the returned packet would show on the ppp interface locally and not the internal LAN interface. ICMP traffic, however would pass.<br>
<br>Any suggestions? What do you guys need to help me troubleshoot this further?<br><br>Cheers,<br>Josh<br>