[Openswan Users] I can't ping windows computers

Juan j pitfloner at hotmail.com
Thu Oct 19 03:10:45 EDT 2006 

If I ping this windows 2000 system by a computer inside the lan, it works 
fine.

There's no rule in the vpn server. Right now the FORWARD rule is ACCEPT.

>From: Jim Barber <jim.barber at ddihealth.com>
>To: Juan j <pitfloner at hotmail.com>
>CC: users at openswan.org
>Subject: Re: [Openswan Users] I can't ping windows computers
>Date: Thu, 19 Oct 2006 14:52:31 +0800
>
>Also make sure the Windows firewall isn't getting in the way on the Windows 
>host you are trying to ping.
>This has caught me once (and only once).
>XP service pack 2 enables the firewall within it's security centre which by 
>default blocks all pings, even from machines on it's local LAN.
>
>----------
>Jim Barber
>DDI Health
>
>
>Juan j wrote:
>>The only thing it sound extrange to me, it's I can ping a Linux Server.
>>
>>This is the result of executing ipsec verify:
>>
>>Checking your system to see if IPsec got installed and started correctly:
>>Version check and ipsec on-path                                 [OK]
>>Linux Openswan U2.4.4/K2.6.11.4-20a-smp (netkey)
>>Checking for IPsec support in kernel                            [OK]
>>Checking for RSA private key (/etc/ipsec.secrets)               [OK]
>>Checking that pluto is running                                  [OK]
>>Two or more interfaces found, checking IP forwarding            [OK]
>>Checking NAT and MASQUERADEing                                  [N/A]
>>Checking for 'ip' command                                       [OK]
>>Checking for 'iptables' command                                 [OK]
>>Checking for 'setkey' command for NETKEY IPsec stack support    [OK]
>>
>>Opportunistic Encryption DNS checks:
>>    Looking for TXT in forward dns zone: fw02es                  [MISSING]
>>    Does the machine have at least one non-private address?      [OK]
>>    Looking for TXT in reverse dns zone: 43.108.125.217.in-addr.arpa.    
>>[MISSING]
>>
>>
>>>From: Paul Wouters <paul at xelerance.com>
>>>To: pitfloner <pitfloner at hotmail.com>
>>>CC: users at openswan.org
>>>Subject: Re: [Openswan Users] I can't ping windows computers
>>>Date: Thu, 19 Oct 2006 07:39:32 +0200 (CEST)
>>>
>>>On Thu, 19 Oct 2006, pitfloner wrote:
>>>
>>>>I'm using openswan 2.4.4 to connect our two headquarters with NETKEY by
>>>>net2net tunnel. After defining /etc/ipsec.conf and /etc/ipsec.secrets
>>>and
>>>>turn up the service, the tunnel seems to works because I can ping to the
>>>>iface connected to my lan and a linux server located inside my lan.
>>>>
>>>>But I can't ping a Windows PC nor browsing my lan trough this tunnel.
>>>browsing and pinging are two different issues. pinging should work before
>>>you try to browse. Browsing might involve MTU issues and WINS issues.
>>>
>>>Run 'ipsec verify'
>>>
>>>You probably have no ip forwarding enabled. Or you are NAT'ing IPsec 
>>>packets.
>>>
>>>Paul
>>>--
>>>Building and integrating Virtual Private Networks with Openswan:
>>>http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>>
>>_________________________________________________________________
>>Horóscopo, tarot, numerología... Escucha lo que te dicen los astros. 
>>http://astrocentro.msn.es/
>>
>>_______________________________________________
>>Users at openswan.org
>>http://lists.openswan.org/mailman/listinfo/users
>>Building and Integrating Virtual Private Networks with Openswan: 
>>http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

_________________________________________________________________
¿Estás pensando en cambiar de coche? Todas los modelos de serie y extras en 
MSN Motor. http://motor.msn.es/researchcentre/

More information about the Users mailing list