[Openswan Users] Tunnel behaviour

richard at avits.ca richard at avits.ca
Wed Jan 28 17:52:36 EST 2015


I have a tunnel between two private subnets that has been working fairly
well for some time. Traffic seems to flow properly, protocols like mail,
SSH, etc., all seem to work.

I just spun up a new host on the "far" end of the tunnel, and it's meant
to be a database server, so SSH and MySQL are pretty important.

Traffic to the server from within the same subnet seems to work just fine,
but traffic from the server to the "near" subnet does not seem to work,
although I can ping just fine, and even large ping blocks work (2K +). I'm

I did a tcpdump of traffic to the server, and seem to get TCP
Retransmission requests for both SSH and MySQL traffic. MySQL seems to
connect initially, but when I try to connect to a database, it freezes.
When I try to SSH in to the host from the "near" subnet, the session never
gets established, but I see the handshake, etc. The session seems to get a
TCP Retransmit, and then nothing.

The server is running on Ubuntu 12.0.4 rel 5, kernel 3.2.0-75. Is it
possible I have a config setting on the Ubuntu server wrong, and it is
messing up tunnel traffic, but not local traffic? I have tried dropping
the MTU to 1300, but to no avail, and as I previously mentioned, large
ICMP packets don't seem to be a problem.

Thoughts, suggestions? I'm at a loss, and Dr. Google has not been a lot of
help, because I'm not even sure what to ask it!
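The symptom pattern above (ICMP of any size passes, TCP connects and then stalls on the first large segment) is the classic signature of a path-MTU black hole inside an IPsec tunnel. As an added example that is not part of the original post, the script below parses tcpdump -nn style output, finds segments that are resent without ever being acknowledged, and flags the case where every stalled segment is larger than the largest segment that did get through. The addresses, ports and capture lines are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed tcpdump -nn excerpt (not from the original post): the near-side
# client 10.1.0.5 opens SSH to the far-side server 10.2.0.20 across the tunnel.
SAMPLE = """\
12:00:00.000 IP 10.1.0.5.50000 > 10.2.0.20.22: Flags [S], seq 1000, win 29200, options [mss 1460], length 0
12:00:00.010 IP 10.2.0.20.22 > 10.1.0.5.50000: Flags [S.], seq 5000, ack 1001, win 28960, options [mss 1460], length 0
12:00:00.011 IP 10.1.0.5.50000 > 10.2.0.20.22: Flags [.], ack 5001, win 229, length 0
12:00:00.020 IP 10.2.0.20.22 > 10.1.0.5.50000: Flags [P.], seq 5001:5042, ack 1001, win 227, length 41
12:00:00.021 IP 10.1.0.5.50000 > 10.2.0.20.22: Flags [.], ack 5042, win 229, length 0
12:00:00.030 IP 10.2.0.20.22 > 10.1.0.5.50000: Flags [P.], seq 5042:6490, ack 1001, win 227, length 1448
12:00:00.240 IP 10.2.0.20.22 > 10.1.0.5.50000: Flags [P.], seq 5042:6490, ack 1001, win 227, length 1448
12:00:00.660 IP 10.2.0.20.22 > 10.1.0.5.50000: Flags [P.], seq 5042:6490, ack 1001, win 227, length 1448
"""

# One tcpdump TCP line: endpoints, flags, optional seq[:end], optional ack, length.
LINE = re.compile(
    r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]*)\]"
    r"(?:, seq (\d+)(?::(\d+))?)?(?:, ack (\d+))?.*?length (\d+)$"
)

def analyze(dump):
    # Black-hole heuristic: small payloads are acked, every larger one is resent.
    sends = defaultdict(int)    # (src, dst, seq_start, seq_end) -> times seen
    max_ack = defaultdict(int)  # (src, dst) -> highest ack sent in that direction
    for line in dump.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        src, sport, dst, dport, _flags, s0, s1, ack, length = m.groups()
        src, dst = f"{src}:{sport}", f"{dst}:{dport}"
        if ack:
            max_ack[(src, dst)] = max(max_ack[(src, dst)], int(ack))
        if int(length) > 0 and s0 and s1:
            sends[(src, dst, int(s0), int(s1))] += 1
    delivered, retrans = [], []
    for (src, dst, s0, s1), n in sends.items():
        size = s1 - s0                      # tcpdump's seq end is exclusive
        if max_ack[(dst, src)] >= s1:       # peer acked past the segment end
            delivered.append(size)
        if n > 1:
            retrans.append((src, dst, s0, s1, size, n))
    suspect = bool(retrans) and (
        not delivered or min(r[4] for r in retrans) > max(delivered))
    return {"retransmitted": retrans,
            "largest_acked": max(delivered, default=0),
            "black_hole_suspected": suspect}

if __name__ == "__main__":
    print(analyze(SAMPLE))
```

If the verdict is positive, the fix is on the tunnel path (clamp the TCP MSS or lower the MTU on the tunnel interface) rather than on the database server's own configuration; ping succeeding at 2K does not rule this out because ICMP is not subject to TCP's segmentation or MSS negotiation.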


