[Openswan Users] Tunnel Established but cannot ping either site!
Mayo Guajardo
mguajardo at torchlighttech.com
Mon Oct 5 02:02:57 EDT 2009
Greetings fellow travellers. I have an interesting problem that I
hope someone can help illuminate.

We have a 'working' tunnel. The remote site (192.168.50.xx, Cisco
ASA 3000 series) is able to ping the local gateway box (SUSE
Enterprise Linux 11, kernel 2.6.27.19-5-pae) at 172.38.xx.xxx, but
nothing beyond the gateway on the local side; we cannot ping any IP
(including the Cisco ASA) at the remote site. The SUSE firewall is
disabled in favour of a more customizable iptables script that bridges
the WAN to the local network. Using the on-board firewall isn't really
an option.

So, openswan is sitting right on the edge of the network and is
able to establish a tunnel. No traffic (that I am aware of) is being
restricted either which way. However, still no joy pinging either side
of the tunnel from either site, save for pinging the SUSE Gateway from
the remote site. From what I describe, what are the possible errors,
oversights, or just plain bad luck that could be causing this problem?
I've already pursued every avenue I can think of, and I'm fresh out of
ideas. I'd be happy to provide more information for whoever seeks it.

Thanks for your time and patience.
---
Mayo Guajardo
Security Architect
Torchlight Technologies
"Reinvent IT"
3463 Magic Dr
Suite T6
San Antonio, Texas 78229
Office Tel: 210.490.4053 x704
Fax: 210.490.9976