<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
<title></title>
</head>
<body bgcolor="#ffffff" text="#000000">
Are ICMP packets encapsulted in esp headers? Use tcpdump with protocol
option set to esp and see if there is any traffiic coming out and check
for udp packets with port 4500 (for NAT Traversal traffic). <br>
<br>
W dniu 19.02.2013 23:32, Marcelo Moras pisze:
<blockquote
cite="mid:CA+7NecEB6E88UUvQZ73LrFR9=yRf2QOTpeQkGxYwS17bQDUmhQ@mail.gmail.com"
type="cite">
<div dir="ltr">
<div>
<div>Hi,<br>
<br>
I Established a connection with openswan and 2 linux CentOs.<br>
<br>
scenario:<br>
|<a moz-do-not-send="true"
href="http://10.0.0.0/24---172.30.1.254%7C---%7C200.x.x.x%7C---INTERNET---%7C201.X.X.X--192.168.222.0/20%7C">10.0.0.0/24---172.30.1.254|---|200.x.x.x|---INTERNET---|201.X.X.X--192.168.222.0/20|</a><br>
<br>
|Firewall-OpenSwan | | router | |OpenSwan
|<br>
<br>
Logs OK<br>
sent QI2, IPsec SA established<br>
ISAKMP SA established<br>
<br>
Tunnel OK<br>
IPsec running - pluto pid: 9153<br>
pluto pid 9153<br>
1 tunnels up<br>
<br>
But I can not ping from one station to another ip<br>
Ping from 10.0.0.122 to 192.168.222.10<br>
<br>
tcpdump Firewall-OpenSwan (left)<br>
IP 10.0.0.122 > <a moz-do-not-send="true"
href="http://192.168.222.10">192.168.222.10</a>: ICMP echo request, id
512, seq 26759, length 40<br>
<br>
tcpdump Openswan (right)<br>
10.0.0.122 > <a moz-do-not-send="true" href="http://192.168.222.10">192.168.222.10</a>:
ICMP echo request, id 512, seq 27527, length 40<br>
<br>
Do not have the reply, can someone help me?<br>
<br>
</div>
Regards,<br>
</div>
Marcelo<br>
</div>
<pre wrap="">
<fieldset class="mimeAttachmentHeader"></fieldset>
_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
</blockquote>
<br>
</body>
</html>