<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; "><div><div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b><br></b></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Rescued from the Spam bucket. Please remember to subscribe to the mailing list before posting to it.</b></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b><br></b></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>From: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><<a href="mailto:ron.johnston@rexquist.com">ron.johnston@rexquist.com</a>><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Subject: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><b>Openswan to Cisco ASA: Encaps OK, no Decaps</b><br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>Date: </b></span><span style="font-family:'Helvetica'; font-size:medium;">28 January, 2013 1:01:04 PM EST<br></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;"><span style="font-family:'Helvetica'; font-size:medium; color:rgba(127, 127, 127, 1.0);"><b>To: </b></span><span style="font-family:'Helvetica'; font-size:medium;"><a href="mailto:users@lists.openswan.org">users@lists.openswan.org</a><br></span></div><br><br><div><span style="font-family: Verdana; font-size: 10pt; "><div>Hi, we have recently used OpenSwan (2.6.3) to create a tunnel to a Cisco ASA.</div><div><br></div><div>The tunnel comes up. From the Linux box running OpenSwan, I can see traffic initiated from the users on the Cisco side come through the tunnel and target the web server. On the Web Server, I can see traffic come in, acknowledged, and return packets sent; the return packets do not make it back to the Linux box so they do not go through the tunnel.</div><div><br></div><div>If I do a wget on the linux box to the same page requested from the Cisco side user, the page is returned.</div><div><br></div><div>Thought?</div><div><br></div><div>Thanks in advance.</div><div><br></div><div>Background</div><div><br></div><div><b>Test 1</b></div><div></div><div style="-webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; font-family: verdana, geneva; font-size: 13.333333969116211px; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; margin: 0px; orphans: 2; padding: 0px; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; " mce_style="-webkit-text-size-adjust:auto;-webkit-text-stroke-width:0;color:#000000;font-family:verdana, geneva;font-size:13.333333969116211px;font-style:normal;font-variant:normal;font-weight:normal;letter-spacing:normal;margin:0;orphans:2;padding:0;text-align:start;text-indent:0;text-transform:none;white-space:normal;widows:2;word-spacing:0">OpenSwan server --> Web Server --> OpenSwan server [OK]</div><div><br><b>Test 2 (VPN Tunnel)</b></div><div>User --> Cisco ASA --> OpenSwan --> Web Server --> ???? [Not OK]</div><div><br></div><div><br></div><div><br></div><div><br></div></span></div>
<br><br></div></div><br></body></html>