[Openswan Users] Can ping, but can't do anything else

Jeremy Baker jab at muskokatech.ca
Mon Oct 4 20:57:12 CEST 2004 

I had a similar problem, and just had to make sure that ipsec packets were 
exempt from masquerading.

On Monday 04 October 2004 17:24, P wrote:
> I actually found my problem to be firewall related.  I had my own custom
> firewall script that I've been running and modifing for the last 3 years
> or so .... well just on a hunch i tried one of the prefab firewalls that
> was reccamended in the docs
> (http://heimdall.asgardsrealm.net/linux/firewall/) and low and behold
> ... my VPN worked.  I'd be glad to help you out if you need any
> help..... I spent many a late night trying to figure out what my problem
> was .....
>
> Luis Rodrigues wrote:
> > OK, at least I'm not the only one with this problem. I've found this
> > in the mailing list:
> >
> > It's from P, ipsec at dogclan.com .
> >
> >
> >
> > Anyone with an answer?
> >
> >
> >
> >/The tunnels come up and I can ping across the vpn with no problem.  I /
> >
> >/can ping from a client machine to another client, ect.  But that's it.  /
> >
> >/I can do anthing else.  Cant access shares, can't connect via remote /
> >
> >/desktop, can't connect to another remote admin program I've installed /
> >
> >/for testing, can't connect to a mail server that's on the other side of /
> >
> >/the vpn.  It seems the only thing I can do is ping.  I'm not getting any
> > /
> >
> >/firewall hits if I watch /var/log/messages while trying to use any of /
> >
> >/the previously mentions apps so I'm sure it's not firewall stopping it. 
> > /
> >
> >/I've tried running the app from subnet 1 and run tcpdump on eth1 on /
> >
> >/gateway 2 and I see the packets going across that interface.  At this /
> >
> >/point I'm pretty stumped./
> >
> >
> >
> >
> >
> > Anyone with an answer?
> >
> >
> >
> >
> >
> >
> >
> > ------------------------------------------------------------------------
> >
> > *De:* users-bounces at openswan.org [mailto:users-bounces at openswan.org]
> > *Em nome de *Luis Rodrigues
> > *Enviada:* segunda-feira, 4 de Outubro de 2004 16:26
> > *Para:* users at openswan.org
> > *Assunto:* [Openswan Users] Can ping, but can't do anything else
> >
> >
> >
> > I've sent this mail to the list, but no one reply'ed it. Can anyone
> > help me?
> >
> > I've been working on this for weeks now, and i'm getting desperate!
> >
> >
> >
> >
> >
> > / /
> >
> > /I've found something quite strange with tcpdump./
> >
> > / /
> >
> > /using tcpdump in the eth0, the one that connects to the router, i
> > found out  that when i ping the remote host, i can see the (at lesat i
> > think it is) ESP packets going, but the reply packets come in the
> > clear, marked with icmp reply./
> >
> > / /
> >
> > /Is this normal?/
> >
> > / /
> >
> > /The strange thing is that icmp works no matter what routing setup i
> > test, but nothing else works. I really need to use windows machines,
> > and i have a big problem on my hands...../
> >
> > / /
> >
> >
> >
> >------------------------------------------------------------------------
> >
> >_______________________________________________
> >Users mailing list
> >Users at openswan.org
> >http://lists.openswan.org/mailman/listinfo/users

-- 
Jeremy Baker <jab at muskokatech.ca>
GnuPGP fingerprint =
EE66 AC49 E008 E09A 7A2A  0195 50EF 580B EDBB 95B6
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20041004/c7ce8103/attachment.bin

More information about the Users mailing list