[Openswan Users] OpenSwan won't Encapsulate my Packets (was: Roadwarrior setup only works from Server to Client)
Paul Wouters
paul at xelerance.com
Wed Dec 8 19:14:54 EST 2010
On Thu, 9 Dec 2010, Markus Ewald wrote:
> Connection comes up fine. Remote side can ping me and access local
> services, but I cannot reach the other end.
Usually a NAT or firewall issue
> If I do "tcpdump -i ppp0 -n -p udp port 500 or udp port 4500 or ah or
> esp" and ping the other side, no output is generated.
> If I do "tcpdump -i ppp0 -p icmp" however, I see the packets being sent,
> unencapsulated, to my ISP.
If using NETKEY, your tcpdump will not be able to see outgoing encrypted
packets.
Paul
More information about the Users
mailing list