[Openswan Users] OpenSwan won't Encapsulate my Packets (was: Roadwarrior setup only works from Server to Client)

Markus Ewald cygon at nuclex.org
Wed Dec 8 18:43:51 EST 2010

  I think I've gotten a bit further with my problem. My setup is this 
(a.b.c.d is the static IP of the remote IPsec server)[@my_id]...a.b.c.d[@their_id]===

Connection comes up fine. Remote side can ping me and access local 
services, but I cannot reach the other end.

If I do "tcpdump -i ppp0 -n -p udp port 500 or udp port 4500 or ah or 
esp" and ping the other side, no output is generated.
If I do "tcpdump -i ppp0 -p icmp" however, I see the packets being sent, 
unencapsulated, to my ISP.

Why is OpenSwan not picking up my packets? My tunnel connection is 
configured as this:

     conn nwsi

If I ping from, this should be a match for 
the tunnel I configured, no?


More information about the Users mailing list