[Openswan Users] openswan sending strange esp-packets
Werner Hofer
w.hofer at hard-soft.at
Sat Oct 9 12:37:41 CEST 2004
Hi out there,
I have great troubles with my ipsec-connection between openswan and a
fortinet fgt-50a.
My setup:
10.101.1.0/24 --- 80.120.76.yyy ========= 80.122.75.zzz ---
192.168.133.0/24
local subnet my openswan box remote fgt-50a remote
subnet
I've tried several openswan and kernel versions. My current setup is
Openswan 2.2.0 with Kernel 2.6.8 (debian).
The tunnel is up, everthing seems fine. If I do a ping to a remote host,
everything works. I get this with tcpdump -i eth0 ip proto 50:
10:13:29.232509 80.120.76.yyy > 80.122.75.zzz:
ESP(spi=0x2c4a9717,seq=0x41)
10:13:29.260367 80.122.75.zzz > 80.120.76.yyy:
ESP(spi=0xbfae39b6,seq=0x2d)
10:13:30.236279 80.120.76.yyy > 80.122.75.zzz:
ESP(spi=0x2c4a9717,seq=0x42)
10:13:30.267596 80.122.75.zzz > 80.120.76.yyy:
ESP(spi=0xbfae39b6,seq=0x2e)
Nice ESP-Packets going out and coming back. Great!
But any other connection fails. If I want to access the server at the
remote site (192.168.133.1) tcpdump says following:
1) 10:13:31.251920 80.120.76.yyy > 80.122.75.zzz:
ESP(spi=0x2c4a9717,seq=0x43)
2) 10:13:31.284165 80.122.75.zzz > 80.120.76.yyy:
ESP(spi=0xbfae39b6,seq=0x2f)
3) 10:13:32.016439 80.122.75.zzz > 80.120.76.yyy:
ESP(spi=0xbfae39b6,seq=0x30)
4) 10:13:32.016697 80.120.76.yyy > 192.168.133.1:
ESP(spi=0x2c4a9717,seq=0x44)
5) 10:13:32.026238 80.122.75.zzz > 80.120.76.yyy:
ESP(spi=0xbfae39b6,seq=0x31)
6) 10:13:32.026477 80.120.76.yyy > 192.168.133.1:
ESP(spi=0x2c4a9717,seq=0x45)
1) First ESP-Packet
2) Response from remote vpn-gateway -> OK
3) 2nd Response?
4 and 6) What the hell is that? Packets from my vpn-box to an address
INSIDE the remote subnet... I think that's the problem.
Any help would be appreciated..
Thanks
Werner
More information about the Users
mailing list