[Openswan Users] Can ping, but can't do anything else

Ted Kaczmarek tedkaz at optonline.net
Mon Oct 4 15:40:33 CEST 2004 

On Mon, 2004-10-04 at 16:59 +0100, Luis Rodrigues wrote:
> OK, at least I’m not the only one with this problem. I’ve found this
> in the mailing list:
> 
> It’s from P, ipsec at dogclan.com .
> 
>  
> 
> Anyone with an answer?
> 
>  
> 
> The tunnels come up and I can ping across the vpn with no problem.  I 
> can ping from a client machine to another client, ect.  But that's it.  
> I can do anthing else.  Cant access shares, can't connect via remote 
> desktop, can't connect to another remote admin program I've installed 
> for testing, can't connect to a mail server that's on the other side of 
> the vpn.  It seems the only thing I can do is ping.  I'm not getting any 
> firewall hits if I watch /var/log/messages while trying to use any of 
> the previously mentions apps so I'm sure it's not firewall stopping it.  
> I've tried running the app from subnet 1 and run tcpdump on eth1 on 
> gateway 2 and I see the packets going across that interface.  At this 
> point I'm pretty stumped.
> 
>  
> 
>  
> 
> Anyone with an answer?
> 
>  
> 
>  
> 
>  
> 
>                                    
> ______________________________________________________________________
> 
> De:users-bounces at openswan.org [mailto:users-bounces at openswan.org] Em
> nome de Luis Rodrigues
> Enviada: segunda-feira, 4 de Outubro de 2004 16:26
> Para: users at openswan.org
> Assunto: [Openswan Users] Can ping, but can't do anything else
> 
> 
>  
> 
> I’ve sent this mail to the list, but no one reply’ed it. Can anyone
> help me?
> 
> I’ve been working on this for weeks now, and i’m getting desperate!
> 
>  
> 
>  
> 
>  
> 
> I've found something quite strange with tcpdump.
> 
>  
> 
> using tcpdump in the eth0, the one that connects to the router, i
> found out  that when i ping the remote host, i can see the (at lesat i
> think it is) ESP packets going, but the reply packets come in the
> clear, marked with icmp reply.
> 
>  
> 
> Is this normal?
> 
>  
> 
> The strange thing is that icmp works no matter what routing setup i
> test, but nothing else works. I really need to use windows machines,
> and i have a big problem on my hands.....
> 
>  

If you are running iptables did you try stopping it?
What did you set the MTU size for?

Ted

More information about the Users mailing list