[Openswan Users] All of packets getting dropped at ipsec0
Paul Wouters
paul at xelerance.com
Tue Jun 28 04:51:48 CEST 2005
On Tue, 28 Jun 2005, Wah Jong wrote:
> As a matter of fact, I have been getting vpn as a road warrior to these of
> two gateways successfully for many times.
> I make sure ip_forwarding getting enabled at both ends indeed.
> Might it be possible the connection setting getting something wrong even
> though ipsec can be established?
> Many thanks,
Then a more likely cause is accidental NAT/MASQ of ipsec packets. Are you
exluding NAT for all packets from/to the left/rightsubnets?
Paul
> On 6/28/05, Paul Wouters <paul at xelerance.com> wrote:
>>
>> On Mon, 27 Jun 2005, Wah Jong wrote:
>>
>>> I've found all of packets in ipsec0 getting dropped when I ping from
>>> 192.168.10.117 <http://192.168.10.117> <http://192.168.10.117> to client
>> at opposite subnet
>>
>> Your configuration is ok. run 'ipsec verify' on both ends.
>>
>> Perhaps you did not enable ip_forwarding on one of the gateways?
>>
>> Paul
>> --
>>
>> "I am not even supposed to be here today!" -- Clerics
>>
>
--
"I am not even supposed to be here today!" -- Clerk
More information about the Users
mailing list