[Openswan Users] ping works connect to ports doesn't

Paul Wouters paul at xelerance.com
Fri Aug 26 01:48:40 CEST 2005


On Thu, 25 Aug 2005, Boróczki Lajos wrote:

> I'm trying to set up an ipsec connection between openswan 2.2 and a d-link 
> di-824vup+ wireless vpn router. I got this far: automatic keying works ok, I 
> can ping from one of the subnets the other subnets' computers. The biggest 
> packet's size was 4000bytes, I could send, bigger  packets didn't get 
> through. But the strange thing is: I can open the admin port of the vpn 
> router from my linux gateway (using netcat: nc -s 192.168.xxx.xxx 
> 192.168.yyy.xxx 8080) But I cannot open that port, using a client computer on 
> the linux gw's subnet.

Run ipsec verify. Did you enable ip_forwarding? Are you MASQ/NATing packets
from the LAN by accident?

Paul


More information about the Users mailing list