[Openswan Users] Can ping, but can't do anything else

P ipsec at dogclan.com
Mon Oct 4 18:24:47 CEST 2004 

I actually found my problem to be firewall related.  I had my own custom 
firewall script that I've been running and modifing for the last 3 years 
or so .... well just on a hunch i tried one of the prefab firewalls that 
was reccamended in the docs 
(http://heimdall.asgardsrealm.net/linux/firewall/) and low and behold 
... my VPN worked.  I'd be glad to help you out if you need any 
help..... I spent many a late night trying to figure out what my problem 
was .....

Luis Rodrigues wrote:

> OK, at least I'm not the only one with this problem. I've found this 
> in the mailing list:
>
> It's from P, ipsec at dogclan.com .
>
>  
>
> Anyone with an answer?
>
>  
>
>/The tunnels come up and I can ping across the vpn with no problem.  I /
>
>/can ping from a client machine to another client, ect.  But that's it.  /
>
>/I can do anthing else.  Cant access shares, can't connect via remote /
>
>/desktop, can't connect to another remote admin program I've installed /
>
>/for testing, can't connect to a mail server that's on the other side of /
>
>/the vpn.  It seems the only thing I can do is ping.  I'm not getting any /
>
>/firewall hits if I watch /var/log/messages while trying to use any of /
>
>/the previously mentions apps so I'm sure it's not firewall stopping it.  /
>
>/I've tried running the app from subnet 1 and run tcpdump on eth1 on /
>
>/gateway 2 and I see the packets going across that interface.  At this /
>
>/point I'm pretty stumped./
>
>  
>
>  
>
> Anyone with an answer?
>
>  
>
>  
>
>  
>
> ------------------------------------------------------------------------
>
> *De:* users-bounces at openswan.org [mailto:users-bounces at openswan.org] 
> *Em nome de *Luis Rodrigues
> *Enviada:* segunda-feira, 4 de Outubro de 2004 16:26
> *Para:* users at openswan.org
> *Assunto:* [Openswan Users] Can ping, but can't do anything else
>
>  
>
> I've sent this mail to the list, but no one reply'ed it. Can anyone 
> help me?
>
> I've been working on this for weeks now, and i'm getting desperate!
>
>  
>
>  
>
> / /
>
> /I've found something quite strange with tcpdump./
>
> / /
>
> /using tcpdump in the eth0, the one that connects to the router, i 
> found out  that when i ping the remote host, i can see the (at lesat i 
> think it is) ESP packets going, but the reply packets come in the 
> clear, marked with icmp reply./
>
> / /
>
> /Is this normal?/
>
> / /
>
> /The strange thing is that icmp works no matter what routing setup i 
> test, but nothing else works. I really need to use windows machines, 
> and i have a big problem on my hands...../
>
> / /
>
>  
>
>------------------------------------------------------------------------
>
>_______________________________________________
>Users mailing list
>Users at openswan.org
>http://lists.openswan.org/mailman/listinfo/users
>  
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20041004/3e0f38ef/attachment.htm

More information about the Users mailing list