[Openswan Users] Can't reach hosts behind my VPN-Gateway

Sebastian Albrecht albrecht at irf.de
Fri Apr 16 15:42:14 CEST 2004

> *snip* looks better. From your config, you're only configuring 
> ipsec1, not ipsec0 - is that your intent?

I played a bit with both. The problem is the same when having only
ipsec1 or when having ipsec0 and ipsec1. I thought the virtual ipsec
interface is only needed on the wireless side, the gateway decrypts the
packets and sends them to their destination in the private LAN via eth0.

> That's very odd - you'd expect to at least see packets coming in. You
>  get nothing at all, or they just aren't encrypted?

I see packets coming in, but only on eth1, not on eth0, as expected. 
tcpdump shows "arp who-has" packets coming in on eth1, but not on ipsec1 
nor ipsec0.

regards, Sebastian.

More information about the Users mailing list