[Openswan Users] Simple setup but its not working

Gary W. Smith gary at primeexalia.com
Sun Jan 16 19:49:26 CET 2005

Sounds like you're having a firewall issue.  I just ran into the same
problem.  I had the firewall to block all private IP's coming from eth0
(inet IP) to ensure spoof protection.  By default this spoof protection
was for TCP/UDP only therefore ping worked just fine. 

There was an article that described using the MARK property to label
incoming packets based on the eps (esp?) protocol.

Since then it has worked fine.

Hope this helps

Gary Wayne Smith

-----Original Message-----
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of Glover George
Sent: Sunday, January 16, 2005 6:35 PM
To: users at openswan.org
Subject: [Openswan Users] Simple setup but its not working

I then run setkey -f /etc/ipsec.conf on each machine.  Now, from a
machine on either subnet, i can ping all hosts on the other subnets
fine, so it seems the tunnel is up.  However, nothing else works. 
Telnet, ssh, http, etc, do not work.  So I tried a few dumps at
various places, but find this to be the most annoying.

More information about the Users mailing list