[Openswan Users]
Paul Wouters
paul at xelerance.com
Fri Jan 21 19:08:21 CET 2005
On Fri, 21 Jan 2005, Paulo Ricardo Bruck wrote:
> 004 "contato-bino" #4: STATE_QUICK_I2: sent QI2, IPsec SA established
> {ESP=>0x9adc209b <0x7955dc13}
> tcpdump at 200.168.52.xx
> lorien:~# tcpdump -i eth1 -nlpt port ! 22
> tcpdump: verbose output suppressed, use -v or -vv for full protocol
> decode
> listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
> IP 200.207.125.xx > 200.168.52.xx: ESP(spi=0x7955dc13,seq=0xe)
> IP 192.168.0.11 > 192.168.1.2: icmp 64: echo request seq 14
> IP 200.207.125.xx > 200.168.52.xx: ESP(spi=0x7955dc13,seq=0xf)
> IP 192.168.0.11 > 192.168.1.2: icmp 64: echo request seq 15
Seems this machine is sending it okay. What does the receiving end show?
Perhaps firewall rules there that drop 192.168?
Run ipsec verify on both ends.
Paul
More information about the Users
mailing list