[Openswan Users] Openswan IPSEC tunel established but it work from one side only
Willie Gillespie
wgillespie+openswan at es2eng.com
Fri Jan 7 17:41:45 EST 2011
On 01/07/2011 12:26 PM, Dario Garay wrote:
> Yes, /proc/sys/net/ipv4/ip_forward set to 1
>
> I can´t post the complete iptables but, what I must search in iptables ?
Just make sure the two subnets are allowed to talk to one another.
It is quite strange that you could ping 192.168.2.1 when your tunnel was
no longer up. Of course, perhaps the default gateway is sending packets
to _some_ 192.168.2.1, but not necessarily the same computer.
It might be worth it to do a tcpdump after the tunnel is up and see if
you see the incoming pings.
More information about the Users
mailing list