[Openswan Users] Ping problem LAN-to-LAN
huarito huaritex
huarito at linuxmail.org
Wed Feb 21 08:50:14 EST 2007
Hello Friends:
At this time I have this scheme:
                             IP-A                            IP-B
112.168.100.7/14 subnet-->[Server A]-->======INTERNET=====[Server B]<--- 10.0.0.17/26 subnet
My problem is, I cannot ping from 112.168.100.7 to 10.0.0.17 and vice versa.
My iptables rules are:
/sbin/iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 50 --dport 50 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 50 --dport 50 -j ACCEPT
/sbin/iptables -A INPUT -p 50 -j ACCEPT
/sbin/iptables -A OUTPUT -p 50 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 51 --dport 51 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 51 --dport 51 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 4500 --dport 4500 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 4500 --dport 4500 -j ACCEPT
/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o eht1 -j ACCEPT
Here is my ipsec.config:
# basic configuration
config setup
        # Debug-logging controls: "none" for (almost) none, "all" for lots.
        # klipsdebug=none
        # plutodebug="control parsing"
        interfaces=%defaultroute
        # nat_traversal=yes

conn net-net
        compress=yes
        left=a.b.c.d
        leftsubnet=112.168.100.0/14
        leftnexthop=%defaultroute
        leftid=@server-A
        # RSA 2192 bits
        leftrsasigkey=XXXXX
        right=aa.bb.cc.dd
        rightsubnet=10.0.0.0/26
        rightnexthop=%defaultroute
        righted=@server-B
        # RSA 2192 bits
        rightrsasigkey=YYYYY
        authby=rsasig
        auto=start

include /etc/ipsec.d/*.conf
Regards Huarito
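
An added example, not part of the original post: a small Python check run over the iptables rules quoted above. It relies on the fact that ESP and AH are IP protocols 50 and 51 rather than UDP ports, and it assumes the gateway's interfaces are eth0 and eth1 (taken from the first FORWARD rule); `parse_rule`, `lint` and `known_ifaces` are hypothetical names.

```python
import shlex

# The rules from the post, copied verbatim (interface names included).
RULES = """\
/sbin/iptables -A INPUT -p udp --sport 500 --dport 500 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 500 --dport 500 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 50 --dport 50 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 50 --dport 50 -j ACCEPT
/sbin/iptables -A INPUT -p 50 -j ACCEPT
/sbin/iptables -A OUTPUT -p 50 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 51 --dport 51 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 51 --dport 51 -j ACCEPT
/sbin/iptables -A INPUT -p udp --sport 4500 --dport 4500 -j ACCEPT
/sbin/iptables -A OUTPUT -p udp --sport 4500 --dport 4500 -j ACCEPT
/sbin/iptables -A FORWARD -i eth1 -o eth0 -j ACCEPT
/sbin/iptables -A FORWARD -i eth0 -o eht1 -j ACCEPT
"""

# ESP and AH are IP protocols (numbers 50 and 51), not UDP ports.
IP_PROTOS = {"50": "ESP", "51": "AH"}


def parse_rule(line):
    """Turn one 'iptables -A ...' line into {option: value}.
    Assumes every option takes exactly one value, as in the rules above."""
    tokens = shlex.split(line)[1:]  # drop the iptables path
    return dict(zip(tokens[0::2], tokens[1::2]))


def lint(text, known_ifaces):
    """Return (rule_number, message) findings for a block of iptables rules."""
    findings = []
    lines = [l for l in text.splitlines() if l.strip()]
    for n, line in enumerate(lines, 1):
        rule = parse_rule(line)
        if rule.get("-p") == "udp":
            ports = {rule.get("--sport"), rule.get("--dport")}
            for port in sorted(ports & set(IP_PROTOS)):
                name = IP_PROTOS[port]
                findings.append((n, f"udp port {port} never matches {name}; "
                                    f"{name} is IP protocol {port} (-p {port})"))
        for opt in ("-i", "-o"):
            if opt in rule and rule[opt] not in known_ifaces:
                findings.append((n, f"{opt} {rule[opt]}: not a known interface"))
    return findings


if __name__ == "__main__":
    # Assumption: the gateway has exactly these two interfaces.
    for n, msg in lint(RULES, known_ifaces={"eth0", "eth1"}):
        print(f"rule {n}: {msg}")
```

On a live gateway the interface set would come from the system (for example the entries under /sys/class/net) instead of being hard-coded.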