[Openswan Users] Ping and Routing

Luis Rodrigues luis.rodrigues at netgraf.com
Wed Sep 29 15:27:15 CEST 2004

tcpdump is your friend. Also you may need to lower MTU sizes, check the

Thanks for the reply, Ted. Indeed, it is.

I've found something quite strange with tcpdump.

using tcpdump in the eth0, the one that connects to the router, i found out
that when i ping the remote host, i can see the (at lesat i think it is) ESP
packets going, but the reply packets come in the clear, marked with icmp

Is this normal?

The strange thing is that icmp works no matter what routing setup i test,
but nothing else works. I really need to use windows machines, and i have a
big problem on my hands.....

-----Mensagem original-----
De: Ted Kaczmarek [mailto:tedkaz at optonline.net] 
Enviada: quarta-feira, 29 de Setembro de 2004 12:17
Para: Luis Rodrigues
Cc: users at openswan.org
Assunto: RE: [Openswan Users] Ping and Routing

On Wed, 2004-09-29 at 05:24, Luis Rodrigues wrote:
> This was a stupid question, i'm woking on this project with a coleague,
> he added a bunch of bogus routes, that were messing things up. The ping
> trough now. 
> But i have another problem. This VPN setup is to connect several Windows
> LAN's, and altough i can ping all the LAN's i cant get anything else
> the tunnel. When i try to access another computer on the LAN, with NET
> for example, it doesn't work. Do I need some special forward firewall
> or something like that, to get it to work?? Because all setup is exactly
> same as it was with freeswan 1.99. 

> What's up with this?

tcpdump is your friend. Also you may need to lower MTU sizes, check the

More information about the Users mailing list