[Openswan Users] Openswan IPSEC tunel established but it work from one side only
Dario Garay
dgaray at gsystems.com.ar
Fri Jan 7 14:53:08 EST 2011
Yes, establish the tunnel
cat secure|grep IPsec
16:31:19 Georouter pluto[22280]: "g2tog1" #4: STATE_QUICK_I2: sent QI2, IPsec SA established tunnel mode {ESP=>0x2214ebbc <0xad9ce3fe xfrm=AES_128-HMAC_SHA1 NATOA=none NATD=none DPD=none}
[root at Georouter log]# ipsec setup --status
IPsec running - pluto pid: 22280
pluto pid 22280
2 tunnels up
some eroutes exist
R. Dario Garay
-----Mensaje original-----
De: Willie Gillespie [mailto:wgillespie+openswan at es2eng.com]
Enviado el: Viernes, 07 de Enero de 2011 04:29 p.m.
Para: Dario Garay
CC: users at openswan.org
Asunto: Re: [Openswan Users] Openswan IPSEC tunel established but it work from one side only
Dario Garay wrote:
> And this is very strange.... the ping from 192.168.1.7 works whit ipsec service Stopped.
>
>
> [root at Georouter ~]# ipsec auto --down g2tog1
> [root at Georouter ~]# service ipsec stop
> ipsec_setup: Stopping Openswan IPsec...
> [root at Georouter ~]# ipsec setup --status
> IPsec stopped
> [root at Georouter ~]# ping 192.168.2.1
> PING 192.168.2.1 (192.168.2.1) 56(84) bytes of data.
> 64 bytes from 192.168.2.1: icmp_seq=1 ttl=253 time=5.98 ms
Hmm, are you sure that the IPsec tunnel is up when the service is
started? Do you see an "STATE_QUICK_R2: IPsec SA established" in your
log files (like /var/log/auth.log)?
More information about the Users
mailing list