
<p class="MsoPlainText">&gt; Hi</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; I&#39;ve installed Openswan on Ubuntu 10.04.</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; I&#39;ve one network interface: eth0 = 10.202.x.x.</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; I&#39;ve created another Virtual Network Interface:

eth0:0 = 192.168.y.y.</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; I&#39;ve Elastic IP: 50.17.z.z.</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; I&#39;ve done natting with following commands:</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; then used more commands like this:</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; iptables --flush</p>


<p class="MsoPlainText">&gt; iptables -t nat --flush</p>


<p class="MsoPlainText">&gt; iptables --delete-chain</p>


<p class="MsoPlainText">&gt; iptables -t nat --delete-chain</p>


<p class="MsoPlainText">&gt; iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

iptables -A </p>


<p class="MsoPlainText">&gt; FORWARD -i eth0:0 -j ACCEPT</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; I&#39;ve configured my connection as under:</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; conn TEST</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; type=tunnel</p>


<p class="MsoPlainText">&gt; authby=secret</p>


<p class="MsoPlainText">&gt; ike=3des-md5-modp1024</p>


<p class="MsoPlainText">&gt; ikelifetime=86400s</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; phase2=esp</p>


<p class="MsoPlainText">&gt; phase2alg=3des-md5;modp1024</p>


<p class="MsoPlainText">&gt; lifetime=28800s</p>


<p class="MsoPlainText">&gt; forceencaps=yes</p>


<p class="MsoPlainText">&gt; pfs=no</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; left=10.202.x.x</p>


<p class="MsoPlainText">&gt; leftid=50.17.z.z</p>


<p class="MsoPlainText">&gt; leftnexthop=%defaultroute</p>


<p class="MsoPlainText">&gt; leftsubnet=192.168.y.y/32</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; right=202.125.a.a</p>


<p class="MsoPlainText">&gt; rightid=202.125.a.a</p>


<p class="MsoPlainText">&gt; rightsubnet=172.16.b.b/32</p>


<p class="MsoPlainText">&gt; rightnexthop=%defaultroute</p>


<p class="MsoPlainText">&gt; dpdaction=restart</p>


<p class="MsoPlainText">&gt; dpddelay=30</p>


<p class="MsoPlainText">&gt; dpdtimeout=45</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; auto=add</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; now when I try to start a tunnel with command: ipsec

auto --up TEST, </p>


<p class="MsoPlainText">&gt; tunnel comes up successfully, but when i ping

172.16.b.b. I don&#39;t get </p>


<p class="MsoPlainText">&gt; any reply.</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; All ports opened for all IP Addresses, firewall

allow all. Still no </p>


<p class="MsoPlainText">&gt; success.</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; My routing table is as under:</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; Destination Gateway Genmask Flags Metric Ref Use

Iface</p>


<p class="MsoPlainText">&gt; 192.168.222.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0</p>


<p class="MsoPlainText">&gt; 10.202.70.0 0.0.0.0 255.255.254.0 U 0 0 0 eth0</p>


<p class="MsoPlainText">&gt; 0.0.0.0 10.202.70.1 0.0.0.0 UG 100 0 0 eth0</p>


<p class="MsoPlainText">&gt; 0.0.0.0 10.202.70.1 0.0.0.0 UG 100 0 0 eth0</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; iptables -L show:</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; Chain INPUT (policy ACCEPT)</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; target    

prot opt source              

destination</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; Chain FORWARD (policy ACCEPT)</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; target    

prot opt source              

destination</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; ACCEPT    

all  --  anywhere             anywhere</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; Chain OUTPUT (policy ACCEPT)</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; target    

prot opt source              

destination</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; kindly guide me what i am missing, tunnel is being

established </p>


<p class="MsoPlainText">&gt; successfully but cannot ping other side, and they

cannot ping me?</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; A I missing any route? Kindly do let me know what

route to add, if </p>


<p class="MsoPlainText">&gt; missed any?</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; Thank you very much. Waiting for any answer. Thank

you guys.</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; Regards</p>


<p class="MsoPlainText">&gt; </p>


<p class="MsoPlainText">&gt; Imran</p>