[Openswan Users] Tunnel established but can't ssh or ping

TheCajun thecajun at nmia.com
Fri Feb 22 11:09:53 EST 2013 

> Am 21.02.2013 23:08, schrieb Durwin:
> >> tcpdump -n -i eth0 host <peer-ip>
> >>
> > 15:03:46.420405 IP bayou.acadia.land.ssh > caiman.acadia.land.63827: Flags [P.], seq 1166146839:1166146887, ack 1383081796, win 217, length 48
> > 15:03:46.420645 IP caiman.acadia.land.63827 > bayou.acadia.land.ssh: Flags [.], ack 48, win 65439, length 0
> > 15:03:46.420713 IP bayou.acadia.land.ssh > caiman.acadia.land.63827: Flags [P.], seq 48:160, ack 1, win 217, length 112
> > 15:03:46.420927 IP bayou.acadia.land.ssh > caiman.acadia.land.63827: Flags [P.], seq 160:208, ack 1, win 217, length 48
> > 15:03:46.421119 IP caiman.acadia.land.63827 > bayou.acadia.land.ssh: Flags [.], ack 208, win 65279, length 0
> > 15:03:47.031578 IP mailserver.mydomain.com.isakmp > bayou.acadia.land.isakmp: isakmp: phase 2/others ? inf[E]
> > 15:03:47.032189 IP bayou.acadia.land.isakmp > mailserver.mydomain.com.isakmp: isakmp: phase 2/others ? inf[E]
> > 15:03:47.138458 IP bayou.acadia.land > mailserver.mydomain.com: ESP(spi=0x0dfa0e9b,seq=0x3), length 116
> > 15:03:47.455587 IP mailserver.mydomain.com.isakmp > bayou.acadia.land.isakmp: isakmp: phase 2/others ? inf[E]
> > 15:03:47.456165 IP bayou.acadia.land.isakmp > mailserver.mydomain.com.isakmp: isakmp: phase 2/others ? inf[E]
> > 15:03:48.138482 IP bayou.acadia.land > mailserver.mydomain.com: ESP(spi=0x0dfa0e9b,seq=0x4), length 116
> > 15:03:48.396022 IP caiman.acadia.land.63827 > bayou.acadia.land.ssh: Flags [P.], seq 1:49, ack 208, win 65279, length 48
> >
> 
> Please check if the ESP packet arrives at the other side, also check the logs at mailserver.mydomain.
> 
> Output of "ipsec auto --status" is also of interest.
> 
> 
> Michael

This is what I have done.  On local_machine ping remote_machine.

local_machine = 192.168.4.100
remote_machine = 172.23.93.3

On local_machine
> tcpdump -n -i eth0 host 192.168.4.100

With this command I got the lines posted above.  Running next command on
remote_machine I got nothing from local_machine.

> tcpdump -n -i eth0 host 172.23.93.3

The logs on remote_machine show nothing from local_machine.

-- 
reality.sys corrupted. universe halted. reboot (y/n)?

TheCajun <thecajun at nmia.com>

More information about the Users mailing list