[Openswan Users] Tunnel established but can't ssh or ping
acrow at integrafin.co.uk
Fri Feb 22 13:34:24 EST 2013
Every time I see something like this on my own systems it's because I've
forgotten to add appropriate firewall rules.
Also you were hinted to use eth0 in your tcpdump command. That may not
actually be the interface you need to listen to on either or both ends.
You should make sure you are tracing for ESP packets on the interface
where your routes point to the other (public) endpoint of the tunnel.
You should also check routing tables to make sure you're not
accidentally routing at either end in such a way as to avoid passing
through your IPSEC gateways. The fact that you see no ESP packets at one
end of the connection suggests this might be the case.
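
The two checks suggested in this message, sketched as a shell script. This is an added example, not part of the original post: it picks the capture interface from the route to the peer's public address instead of assuming eth0, and verifies that a LAN host's next hop for the remote subnet is the IPsec gateway. The function names, the PEER variable and all addresses are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original message. Function names and the
# PEER variable are hypothetical; run with PEER=<peer public IP> ./script.

# Print the token that follows keyword $1 in `ip route get` output (stdin).
route_field() {
    awk -v key="$1" '{ for (i = 1; i < NF; i++)
                           if ($i == key) { print $(i + 1); exit } }'
}

# Interface the kernel uses to reach the peer's public address.
# $1 = output of `ip -o route get <peer>`
peer_dev() {
    printf '%s\n' "$1" | route_field dev
}

# Succeeds only if the next hop in the route output equals the expected
# IPsec gateway. Run on a LAN host against an address in the remote subnet.
# A directly connected route has no "via" and therefore fails the check.
# $1 = output of `ip -o route get <remote host>`, $2 = expected gateway
check_via() {
    via=$(printf '%s\n' "$1" | route_field via)
    [ "$via" = "$2" ]
}

# Capture filter for the tunnel: ESP is IP protocol 50. UDP 4500 is
# included because ESP is UDP-encapsulated when NAT traversal is in use.
esp_filter() {
    printf 'host %s and (esp or udp port 4500)' "$1"
}

# Live use: only runs when PEER is set in the environment.
if [ -n "${PEER:-}" ]; then
    out=$(ip -o route get "$PEER") || exit 1
    dev=$(peer_dev "$out")
    echo "route to $PEER leaves via: $dev"
    echo "capture with: tcpdump -ni $dev '$(esp_filter "$PEER")'"
fi
```

If the capture on that interface shows outbound ESP at one end and nothing inbound at the other, look at the firewall rules and the path between the two public endpoints next.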