[Openswan Users] Problems with a tunnel
Michael Schwartzkopff
misch at multinet.de
Sun May 8 12:27:23 CEST 2005
Hi,
we have defined a tunnel between two subnets. Everything was working fine for
half a year. Pings went from here to there and back. Now something strange
happened:
From the left subnet I can ping only one computer in the right subnet, but not
the second. If I do tcpdump on the interfaces of the right firewall I see:
- one encrypted packet is coming in on the ext. IF
- one ICMP echo request is leaving the internal IF
- one ICMP echo reply is entering the internal IF
- NO encrypted packet is leaving the external IF
- Pings to another computer in the right subnet work.
- I think I did all the firewalling correctly. I even tried to add special
ACCEPT rules. These rules are triggered.
- Routing seems to be correct.
- I restarted the ipsec tunnel with ipsec auto --down / --up
Any idea where the packets are disappearing?
Any idea how I can trace the packets on the way through the kernel?
Setup:
Kernel 2.4.20-4GB and freeswan-1.99_0.9.34-93 from SuSE 8.2 professional.
Thanks for any help