[Openswan Users] ping: ok, ssh: connection timed out
Paul Wouters
paul at xelerance.com
Tue Mar 7 21:30:17 CET 2006
On Tue, 7 Mar 2006, Fabio wrote:
> case 2: GW1 and GW2 do source nat on outgoing packets from WAN interface
> - pc1 and pc2 communicate correctly using ping
> - pc1 and pc2 can't communicate using ssh (VERY STRANGE) because
> connection
> timed out (using tcpdump I verified that packets arrive correcly on both pcs)
Either a wrong NAT rule without the proper exclusion for snat'ing ipsec packets,
or you are just running into mtu issues.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list