[Openswan Users] Return Traffic on wrong interface

Paul Wouters paul at xelerance.com
Mon Mar 29 15:01:43 EDT 2010

On Mon, 29 Mar 2010, Josh Mesilane wrote:

> Local Location:
> CentOS 4.7
> Openswan
> (eth2) ppp0 - VoIP internet connection
> (eth3) ppp1 - WAN internet connection
> eth1 - Internal Network
> eth0 - Wireless Network
> The Tunnel between the two hosts establishes, and when sending ICMP traffic from inside the Local Connection to
> the Remote Connection, the traffic is received at the Local router, encapsulated and tunneled and sent to the
> remote router, where it is decrypted and passed on to the remote server (checked with Wireshark... almost said
> ethereal there...). The remote server replies. This reply then completes the trip over the VPN but never arrives
> at the computer on the LAN.
> Further investigation showed that the ICMP reply packet is coming in the ppp1 interface, the packet is then
> being decrypted and is showing the decrypted packet on the ppp1 interface, not the local interface (eth1) where
> the destination IP would suggest the packet should go.
> I was having a similar issue when trying to get this setup working using the inbuilt racoon tools. I got the
> tunnel connected and working and could pass ICMP traffic over the connection, however when trying to use any
> service that returns packets on a tcpmux port, the returned packet would show on the ppp interface locally and
> not the internal LAN interface. ICMP traffic, however, would pass.
> Any suggestions? What do you guys need to help me troubleshoot this further?

If this is NETKEY, there is not much we can do, as the kernel developers
decided on implementing things in a rather odd way.

If you would be using KLIPS, you would have a virtual interface on top of the real one
and your traffic would appear to come from a device ipsecX decrypted.

