<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body text="#000000" bgcolor="#FFFFFF">
    Add a leftsourceip to the conn. Also do not leave any blank lines in
    the conn definition.<br>
    <br>
    <div class="moz-cite-prefix">On 14/08/2013 05:52, Ben Schmidt wrote:<br>
    </div>
    <blockquote
cite="mid:CA+Cs8xJCbMiQ-zRsOQkf9PGFaViE=WkpTfajFFiZ3--roP5nEA@mail.gmail.com"
      type="cite">
      <div dir="ltr">Hi Gertjan,
        <div><br>
        </div>
        <div>ping to a Address in the DST Network that should reply:</div>
        <div>
          <div>#########<br>
          </div>
          <div>ipsec01:~# ping 10.41.35.4</div>
          <div>PING 10.41.35.4 (10.41.35.4) 56(84) bytes of data.</div>
          <div>From yyy.yyy.27.137 icmp_seq=1 Destination Host
            Unreachable</div>
          <div>From yyy.yyy.27.137 icmp_seq=2 Destination Host
            Unreachable</div>
        </div>
        <div>#########</div>
        <div><br>
        </div>
        <div>tcpdump:</div>
        <div>#########</div>
        <div>
          <div>ipsec01:~# tcpdump -n not port 22</div>
          <div>tcpdump: verbose output suppressed, use -v or -vv for
            full protocol decode</div>
          <div>listening on eth0, link-type EN10MB (Ethernet), capture
            size 65535 bytes</div>
          <div>06:48:51.743462 IP yyy.yyy.27.141 &gt; <a
              moz-do-not-send="true" href="http://10.41.35.4">10.41.35.4</a>:
            ICMP echo request, id 4483, seq 1, length 64</div>
          <div>06:48:51.744362 IP yyy.yyy.27.137 &gt; yyy.yyy.27.141:
            ICMP host 10.41.35.4 unreachable, length 36</div>
          <div>06:48:52.744488 IP yyy.yyy.27.141 &gt; <a
              moz-do-not-send="true" href="http://10.41.35.4">10.41.35.4</a>:
            ICMP echo request, id 4483, seq 2, length 64</div>
          <div>06:48:52.745262 IP yyy.yyy.27.137 &gt; yyy.yyy.27.141:
            ICMP host 10.41.35.4 unreachable, length 36</div>
        </div>
        <div>#########</div>
        <div>yyy.yyy.27.141 is my public Gateway</div>
        <div><br>
        </div>
        <div>Any Ideas?</div>
        <div>
          <br>
        </div>
        <div>Thanks,</div>
        <div>Ben</div>
      </div>
      <div class="gmail_extra"><br>
        <br>
        <div class="gmail_quote">On Tue, Aug 13, 2013 at 6:43 PM,
          Gertjan Baarda <span dir="ltr">&lt;<a moz-do-not-send="true"
              href="mailto:gertjan.baarda@gmail.com" target="_blank">gertjan.baarda@gmail.com</a>&gt;</span>
          wrote:<br>
          <blockquote class="gmail_quote" style="margin:0 0 0
            .8ex;border-left:1px #ccc solid;padding-left:1ex">What does
            the ping output say?
            <div class="HOEnZb">
              <div class="h5"><span></span><br>
                <br>
                On Tuesday, August 13, 2013, Ben Schmidt wrote:<br>
                <blockquote class="gmail_quote" style="margin:0 0 0
                  .8ex;border-left:1px #ccc solid;padding-left:1ex">
                  <div dir="ltr">
                    <div>
                      Hallo Mailing List,</div>
                    <div><br>
                    </div>
                    <div>I got VPN up and running from openswan 2.6.37-3
                      running on debian 7 amd64 connecting to a Juniper
                      ISG.</div>
                    <div>My Problem is that I can not get a single ping
                      over the Tunnel, seems like a routing Issue.</div>
                    <div><br>
                    </div>
                    <div>Here is my config: <a moz-do-not-send="true"
                        href="http://pastebin.com/QdqtpPsg"
                        target="_blank">http://pastebin.com/QdqtpPsg</a></div>
                    <div>Here is the ouput of "ipsec auto --status": <a
                        moz-do-not-send="true"
                        href="http://pastebin.com/7i4UJKAu"
                        target="_blank">http://pastebin.com/7i4UJKAu</a></div>
                    <div>Here is the output of "ipsec barf" &gt; <a
                        moz-do-not-send="true"
                        href="http://pastebin.com/iaMkuGwc"
                        target="_blank">http://pastebin.com/iaMkuGwc</a></div>
                    <div><br>
                    </div>
                    <div>So it tells me that "ip xfrm policy" is</div>
                    <div>###########</div>
                    <div>src <a moz-do-not-send="true"
                        href="http://192.168.210.0/24" target="_blank">192.168.210.0/24</a>
                      dst <a moz-do-not-send="true"
                        href="http://10.41.35.0/24" target="_blank">10.41.35.0/24</a></div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; dir out priority 2344 ptype main</div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; tmpl src yyy.yyy.27.141 dst
                      zzz.zzz.2.74</div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; proto esp reqid 16385 mode
                      tunnel</div>
                    <div>src <a moz-do-not-send="true"
                        href="http://10.41.35.0/24" target="_blank">10.41.35.0/24</a>
                      dst <a moz-do-not-send="true"
                        href="http://192.168.210.0/24" target="_blank">192.168.210.0/24</a></div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; dir fwd priority 2344 ptype main</div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; tmpl src zzz.zzz.2.74 dst
                      yyy.yyy.27.141</div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; proto esp reqid 16385 mode
                      tunnel</div>
                    <div>src <a moz-do-not-send="true"
                        href="http://10.41.35.0/24" target="_blank">10.41.35.0/24</a>
                      dst <a moz-do-not-send="true"
                        href="http://192.168.210.0/24" target="_blank">192.168.210.0/24</a></div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; dir in priority 2344 ptype main</div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; tmpl src zzz.zzz.2.74 dst
                      yyy.yyy.27.141</div>
                    <div>&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; proto esp reqid 16385 mode
                      tunnel</div>
                    <div>###########</div>
                    <div><br>
                    </div>
                    <div>That should do what I want, but it doesn't.</div>
                    <div><br>
                    </div>
                    <div>Could someone please point me in a direction to
                      look at?</div>
                    <div><br>
                    </div>
                    <div>Thanks a lot,</div>
                    <div>Ben</div>
                    <div><br>
                    </div>
                  </div>
                </blockquote>
                <br>
                <br>
              </div>
            </div>
            <span class="HOEnZb"><font color="#888888">-- <br>
                Sent from Gmail Mobile<br>
              </font></span></blockquote>
        </div>
        <br>
      </div>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
<a class="moz-txt-link-abbreviated" href="mailto:Users@lists.openswan.org">Users@lists.openswan.org</a>
<a class="moz-txt-link-freetext" href="https://lists.openswan.org/mailman/listinfo/users">https://lists.openswan.org/mailman/listinfo/users</a>
Micropayments: <a class="moz-txt-link-freetext" href="https://flattr.com/thing/38387/IPsec-for-Linux-made-easy">https://flattr.com/thing/38387/IPsec-for-Linux-made-easy</a>
Building and Integrating Virtual Private Networks with Openswan:
<a class="moz-txt-link-freetext" href="http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155">http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155</a>
</pre>
    </blockquote>
    <br>
  </body>
</html>