[Openswan Users] Traffic no longer forwarded

Will Roberts ironwill42 at gmail.com
Fri Jun 17 00:14:48 EDT 2011


About 6 hours ago one of my OpenSwan setups suddenly stopped forwarding 
traffic from clients out to the internet. As far as I can tell nothing 
changed on the box which strikes me as odd.

The IPsec connection is opened fine, and the L2TP connection on top is 
also successful. I can communicate directly with the machine hosting VPN 
services over the tunnel (ping,ssh,dns). However if I try to traceroute 
over that interface it fails:

traceroute -n -i ppp0 google.com
traceroute to google.com (, 30 hops max, 60 byte packets
  1  27.841 ms  27.776 ms  27.757 ms
  2  3003.713 ms !H  3003.656 ms !H  3003.637 ms !H

Trying to ping or create TCP connections over it also seems to fail. It 
appears like the traffic from the VPN connections is no longer forwarded.

The server is running a 2.6.32-5 kernel, OpenSwan 2.6.24 (outdated I 
know), and xl2tpd 1.2.7. ipsec verify lists [OK] for all the checks.

Any ideas on where to start looking? I'm pretty baffled at this point.


More information about the Users mailing list