[Openswan Users] Clients in the right network are OK but packtes from rightserver misroute

Augusto Pizarro augusto.pizarro at siemconsub.com.br
Wed Feb 7 07:11:24 EST 2007


Maybe a silly problem but for a stupid guy like me are a huge
problem....

The machines are not in production and the internet is emulated by
another linux box with only ip_forward = 1.

Right Network            Right
Server                                            Left
Server                                Left Network
10.210.21.0------10.210.21.1/192.168.200.100
---(internet)---200.178.78.1/10.20.10.60-----10.20.0.0
                             eth1               
eth0                                         eth0                 eth1
              
Any network test from the Right Clients to the Left Network are OK.
Ane test directly from the Right Server to the Left Network are NOT OK.

RESUMING: The Right clients are OK bur the Right server itself DONT!!!
Really stupid!!

The IPSEC tunnel is ok, the packets are encripted between the eth0's,
but only if they come from the Right Network Clients.
Another information, the Left Server can ping the Right Server but only
if we do an "ping 10.210.21.1 -I eth1".

In  the IPTRAF I can see "ICMP dest unrch from 10.210.21.1 to
10.210.21.1 on lo" in the Right Server wen trying to ping the Left
Server.

Maybe I have to create another tunnel just for the traffic from the
server to the Left Network.

Regards,
Augusto Pizarro
Rio de Janeiro - Brazil


-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070207/26cfeecd/attachment.html 


More information about the Users mailing list