[Openswan Users] Problems with a tunnel

Michael Schwartzkopff misch at multinet.de
Sun May 8 12:27:23 CEST 2005


Hi,

we have defined a tunnel between two subnets. Everything was working fine for 
half a year. Pings went from here to there and back. Now something strange 
happened:

From the left subnet I can ping only one computer in the right subnet, but not 
the second. If I do tcpdump on the interfaces of the right firewall I see:

- one encrypted packet is coming in on the ext. IF
- one ICMP echo request is leaving the internal IF
- one ICMP echo reply is entering the internal IF
- NO encrypted packet is leaving the external IF

- Pings to another computer in the right subnet work.
- I think I did all the firewalling correctly. I even tried to add special 
ACCEPT rules. These rules are triggered.
- Routing seems to be correct.
- I restarted the ipsec tunnel with ipsec auto --down / --up

Any idea where the packets are disappearing?
Any idea how I can trace the packets on the way through the kernel?

Setup: 
Kernel 2.4.20-4GB and freeswan-1.99_0.9.34-93 from SuSE 8.2 professional.


Thanks for any help

