[Openswan Users] IPsec connection to Sonicwall TZ170
Paul Wouters
paul at xelerance.com
Fri Nov 14 10:02:03 EST 2008
On Wed, 12 Nov 2008, John Thomas wrote:
> My first attempt was connecting through a Sonicwall TZ170 router. I thought maybe the router was the issue so I
> created a tunnel through a Linksys BEFVP41 router. On both routers I see the established tunnel, I can ping the CC
> box, but I can not ping from a machine on the CC network to the other end of the tunnel.
>
> On the CC box I do a tcpdump on eth0. When pinging from the other end of the tunnel to CC I see ESP traffic. If I
> ping from a laptop connected to the CC box I see an icmp request but no ESP traffic.
Usually this means bad NAT rules nat'ing IPsec packets, or not enabling ip forwarding on the gateway,
or firewall rules. A quick look at your barf showed ip forwarding is enabled. I am not sure about
the firewall rules.
btw openswan 2.2.0 is really old.
Paul
More information about the Users
mailing list