[Openswan Users] Openswan to Cisco ASA: Encaps OK, no Decaps
Patrick Naubert
patrickn at xelerance.com
Thu Jan 31 19:41:24 EST 2013
Rescued from the Spam bucket. Please remember to subscribe to the mailing list before posting to it.
From: <ron.johnston at rexquist.com>
Subject: Openswan to Cisco ASA: Encaps OK, no Decaps
Date: 28 January, 2013 1:01:04 PM EST
To: users at lists.openswan.org
Hi, we have recently used OpenSwan (2.6.3) to create a tunnel to a Cisco ASA.
The tunnel comes up. From the Linux box running OpenSwan, I can see traffic initiated from the users on the Cisco side come through the tunnel and target the web server. On the Web Server, I can see traffic come in, acknowledged, and return packets sent; the return packets do not make it back to the Linux box so they do not go through the tunnel.
If I do a wget on the linux box to the same page requested from the Cisco side user, the page is returned.
Thought?
Thanks in advance.
Background
Test 1
OpenSwan server --> Web Server --> OpenSwan server [OK]
Test 2 (VPN Tunnel)
User --> Cisco ASA --> OpenSwan --> Web Server --> ???? [Not OK]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130131/24d4307f/attachment.html>
More information about the Users
mailing list