[Openswan Users] Subnet to Subnet problem

Paul Wouters paul at xelerance.com
Fri Nov 7 21:54:26 EST 2008


On Fri, 7 Nov 2008, Benjamin Minshall wrote:

> I have an openswan tunnel almost working between two Linux gateways.  Kernels are 2.6.27.x.
>
> ~# ipsec --version
> Linux Openswan U2.4.6/K2.6.27.2 (netkey)
>
>
> A |--- priv ---| G1 |--- internet ---| G2 |--- priv ---| B
>
> I can ping from host A to the private interface of G2 just fine, however pings from A to B do not make it.  Pings from G2 to B work.  I used tcpdump to confirm that the ESP packets are arriving at the public interface of G2, however no packets are leaving the private interface of G2; as though they are lost at G2.
>
> Does anyone have any suggestions for fixes or further troubleshooting?  Thanks.

Most likely you did not enable ip forwarding on G2, or you are firewalling the
packets. 'ipsec verify' might tell you.

Paul
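
The two causes suggested in the reply above, written as a check to run on gateway G2. This is an added example, not part of the original message; the function names, the `--live` switch and the subnets passed in are assumptions.

```shell
#!/bin/sh
# Added example: checks the two causes named in the reply, on gateway G2.
# Heuristic only: ignores rule order, explicit DROP rules and other tables.

# Return 0 when the sysctl file (default: live kernel setting) holds "1".
forwarding_enabled() {
    [ "$(cat "${1:-/proc/sys/net/ipv4/ip_forward}" 2>/dev/null)" = "1" ]
}

# Read `iptables -S FORWARD` output on stdin and print the chain policy.
forward_policy() {
    awk '$1 == "-P" && $2 == "FORWARD" { print $3; found = 1 }
         END { if (!found) print "UNKNOWN" }'
}

# Read the same output on stdin; return 0 if an ACCEPT rule names the
# remote subnet ($1) as source and the local subnet ($2) as destination.
forward_rule_accepts() {
    awk -v src="$1" -v dst="$2" '
        $1 == "-A" {
            s = ""; d = ""; j = ""
            for (i = 1; i < NF; i++) {
                if ($i == "-s") s = $(i + 1)
                if ($i == "-d") d = $(i + 1)
                if ($i == "-j") j = $(i + 1)
            }
            if (s == src && d == dst && j == "ACCEPT") ok = 1
        }
        END { exit (ok ? 0 : 1) }'
}

# diagnose SYSCTL_FILE RULES_FILE REMOTE_NET LOCAL_NET -> prints one verdict.
diagnose() {
    if ! forwarding_enabled "$1"; then
        echo "ip_forward disabled"
    elif [ "$(forward_policy < "$2")" = "ACCEPT" ] ||
         forward_rule_accepts "$3" "$4" < "$2"; then
        echo "ok"
    else
        echo "no ACCEPT path in FORWARD"
    fi
}

# Live use on G2 (as root): sh check.sh --live REMOTE_NET LOCAL_NET
if [ "${1:-}" = "--live" ]; then
    rules=$(mktemp) && iptables -S FORWARD > "$rules"
    diagnose /proc/sys/net/ipv4/ip_forward "$rules" "$2" "$3"
    rm -f "$rules"
fi
```

For traffic from A to B, REMOTE_NET is the private subnet behind G1 and LOCAL_NET is the private subnet behind G2.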

