[Openswan Users] Clients in the right network are OK but packtes from rightserver misroute
Augusto Pizarro
augusto.pizarro at siemconsub.com.br
Wed Feb 7 06:08:19 EST 2007
Maybe a silly problem but for a stupid guy like me are a huge
problem....
The machines are not in production and the internet is emulated by
another linux box with only ip_forward = 1.
Right Network Right
Server Left
Server Left Network
10.210.21.0------10.210.21.1/192.168.200.100
---(internet)---200.178.78.1/10.20.10.60-----10.20.0.0
eth1
eth0 eth0 eth1
Any network test from the Right Clients to the Left Network are OK.
Ane test directly from the Right Server to the Left Network are NOT OK.
RESUMING: The Right clients are OK bur the Right server itself DONT!!!
Really stupid!!
The IPSEC tunnel is ok, the packets are encripted between the eth0's,
but only if they come from the Right Network Clients.
Another information, the Left Server can ping the Right Server but only
if we do an "ping 10.210.21.1 -I eth1".
In the IPTRAF I can see "ICMP dest unrch from 10.210.21.1 to
10.210.21.1 on lo" in the Right Server wen trying to ping the Left
Server.
Maybe I have to create another tunnel just for the traffic from the
server to the Left Network.
Regards,
Augusto PIzarro
Rio de Janeiro - Brazil
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070207/6d031791/attachment.html
More information about the Users
mailing list