[Openswan Users] Net to Net in the Amazon Cloud
Paul Wouters
paul at xelerance.com
Thu Aug 25 10:03:14 EDT 2011
On Wed, 24 Aug 2011, Murty, Sudarshan wrote:
> I did all that you said below and also turned on nat_traversal=yes in the config section.
> When I start up ipsec it looks like this. Does it look ok?
> 004 "cld-to-cld" #2: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP/NAT=>0xa489360c <0x2edaf4dc xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=46.51.216.14:4500
> DPD=none}
Yes. looks good.
> But I still can’t tracert from a host in the left subnet to the right subnet
dont use traceroute, but ping. If that fails too, check firewall rules and
run "ipsec verify"
Paul
More information about the Users
mailing list