Válasz: Re: [Openswan Users] icmp passthrough

gabor.horvath at konicaminolta.hu gabor.horvath at konicaminolta.hu
Wed Apr 12 18:15:58 CEST 2006

Thank you for your answer !

I tried it with no success.  Packets are also encrypted. Anyway it is a 
transport mode and I also had to set leftnexthop although it's on the 
local network.

17:12:03.900468 IP > linux.km-int.hu: ICMP echo request, id 
512, seq 18432, length 40
17:12:03.900609 IP linux.km-int.hu > 
ESP(spi=0xb26e1892,seq=0x18), length 76

Any idea?

Üdvözlettel / Kind regards,

Horváth Gábor
hálózati és rendszeradminisztrátor / IT specialist

Konica Minolta Magyarország / Hungary

mailto:gabor.horvath at konicaminolta.hu

Érdeklődik a legújabb Konica Minolta hírek iránt? Iratkozzon fel a 
rendszeres hírlevelünkre! http://www.konicaminolta.hu/hirlevel

Paul Wouters <paul at xelerance.com>
2006.04.12 16:57
       Címzett:         gabor.horvath at konicaminolta.hu
         Másolat:       users at openswan.org
             Tárgy:     Re: [Openswan Users] icmp passthrough

On Wed, 12 Apr 2006, gabor.horvath at konicaminolta.hu wrote:

> If I use this setup then packets going from the server to the client 
> be encrypted though that's not what I want.
> I use "Linux Openswan 2.4.5rc5 (klips)"
> Thank you in advance.
> conn icmp
>     type=passthrough
>     rightprotoport=icmp
>     left=%defaultroute
>     leftprotoport=icmp
>     right=%any
>     auto=add

use auto=route, not auto=add


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060412/d82a4212/attachment-0001.htm

More information about the Users mailing list