[Openswan Users] Tunnel established but no traffic
Paul Wouters
paul at xelerance.com
Mon Apr 25 19:20:28 CEST 2005
On Mon, 25 Apr 2005, Mark Maiden wrote:
> I've set up two linux boxes with OpenSwan and the tunnel has been established
> correctly per these messages :
>
> Apr 25 16:39:49 ftptest pluto[9113]: "dublin-to-boston" #1: ISAKMP SA
> established
> Apr 25 16:39:49 ftptest pluto[9113]: "dublin-to-boston" #4: initiating Quick
> Mode PSK+ENCRYPT+TUNNEL+PFS+UP {using isakmp#1}
> Apr 25 16:39:49 ftptest pluto[9113]: "dublin-to-boston" #4: transition from
> state STATE_QUICK_I1 to state STATE_QUICK_I2
> Apr 25 16:39:49 ftptest pluto[9113]: "dublin-to-boston" #4: sent QI2, IPsec
> SA established {ESP=>0xd0862f55 <0x7a7cfd70}
>
> But I can't establish a route between the two private networks (192.168.1.x &
> 192.168.100.x) and I can't transmit info between the two.
I do not see enough information to see what this could be. Post an 'ipsec barf'
somewhere for us to look at.
> I have iptables firewalls on both boxes and made the appropriate changes to
> exclude packets from traversing the tunnel with NAT.
You have a lot of rules. Try to either disable them for a minute for testing,
or temporarily insert some accept rules to bypass all the rules.
Paul