[Openswan Users] Gateway to Static IP, no ping
Paul Wouters
paul at xelerance.com
Sat Jun 18 21:18:26 CEST 2005
On Fri, 17 Jun 2005, Arnab Chowdry wrote:
> (Client) 132.239.201.224 -->
> [ Internet ] -->
> (Gateway) 132.239.201.186(ext) 192.168.10.1(int) -->
> 192.168.10.0/24 (internal subnet)
> config setup
> interfaces="ipsec0=eth0"
> klipsdebug=all
> plutodebug=all
set those to none please.
> conn hades-pandemonium
> left=132.239.201.186 # pandemonium
> leftsubnet=192.168.10.0/24
> leftnexthop=132.239.201.1
> leftfirewall=yes
> leftnexthop=132.239.201.1
> leftfirewall=yes
remove both leftfirewall settings and the double leftnexthop.
> And I get the normal success messages. The problem is, after I do this,
> hades can't ping any of the hosts on the internal 192.168.10.0/24 subnet. I
> know that hades and pandemonium can ping each other via the internet.
run 'ipsec verify'
- did you enable ip forwarding on hades?
- did you disable rp_filter ?
- check your firewall rules, they should allow proto 50, and proto udp port 500
and 4500.
Paul
More information about the Users
mailing list