[Openswan Users] [Tunnel established, no traffic]
Paul Wouters
paul at xelerance.com
Tue Aug 21 09:39:46 EDT 2007
On Tue, 21 Aug 2007, Ralf Guenthner wrote:
> > some NAT is happening to the packets. With netkey there is no way to
> > see that With klips, you can run for a few packets with klipsdebug
> > enabled (ipsec klipsdebug --all, send a few pings, then run ipsec
> > klipsdebug --none) to see why packets were being dropped.
>
> Hi
>
> I used the klipsdebug command on one gateway and as far as I can see
> there are no DROPS pertaining to the tunnel in question (sorry for length)
[klips debug]
> klips_debug:ipsec_tunnel_start_xmit: ...done, calling ip_send() on
> device:eth0
> What else can I do?
> Thanks
Can you run "ipsec verify" ?
Are you sure there are no firewall rules in INPUT, OUTPUT, FORWARD, PREROUTING
and POSTROUTING? Is IP forwarding enabled?
Paul
More information about the Users
mailing list