[Openswan Users] Problem with source address

Luis Abenza Sánchez luis at i-excom.com
Wed Jun 23 02:41:52 CEST 2004 

Hello all!

 

I have a client with a central vpn Server and several remote vpn servers.
The last one I had installed is a Fedora Core 1 with openswan-2.1.4 and
shorewall. I have the same configuration of the other servers (the other
ones are different RedHat versions). I have the same shorewall version with
the same rule. The tunnels seems to start well:

 

Jul  7 01:31:39 centroempresas pluto[4853]: "hqnetempresas-satgateempresas"
#1: ISAKMP SA established

Jul  7 01:31:39 centroempresas pluto[4853]: "hqempresas-satempresas" #2:
initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}

Jul  7 01:31:39 centroempresas pluto[4853]: "hqgateempresas-satnetempresas"
#3: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}

Jul  7 01:31:39 centroempresas pluto[4853]: "hqgateempresas-satgateempresas"
#4: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}

Jul  7 01:31:39 centroempresas pluto[4853]: "hqnetempresas-satgateempresas"
#5: initiating Quick Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}

Jul  7 01:31:40 centroempresas pluto[4853]: "hqempresas-satempresas" #2:
sent QI2, IPsec SA established {ESP=>0xbf3a6bc7 <0x34ec2e66}

Jul  7 01:31:40 centroempresas pluto[4853]: "hqgateempresas-satnetempresas"
#3: sent QI2, IPsec SA established {ESP=>0xbf3a6bc8 <0x34ec2e67}

Jul  7 01:31:40 centroempresas pluto[4853]: "hqgateempresas-satgateempresas"
#4: sent QI2, IPsec SA established {ESP=>0xbf3a6bc9 <0x34ec2e68}

Jul  7 01:31:40 centroempresas pluto[4853]: "hqnetempresas-satgateempresas"
#5: sent QI2, IPsec SA established {ESP=>0xbf3a6bca <0x34ec2e69}

 

These are the tunnels between the two servers and the nets.

 

The problem is when I try to ping or generate traffic. It doesn’t do
anything. Any logs, or firewall alerts. And from the “sat”, with ettercap I
have seen that the source address is the public address when generating the
traffic through ipsec0, from the other one, and all the other servers is the
private address.

 

Any idea?

 

Thanks!

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20040623/7ae976d7/attachment.htm

More information about the Users mailing list