[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] ipsec freeswan - connection established successfully, but packets are dropped ...



On Saturday 18 October 2003 12:28, Markus Feilner wrote:
> Am Freitag, 17. Oktober 2003 12:18 schrieb Frank Stuehmer:
> > Hi Markus,
> >
> > > I stopped all Firewall rules, and checked the ipsec configuration
> > > over and over, but i can't find a solution.
> > > Can anyone help me?
> >
> > do you have in /etc/ipsec.conf lines like this:
> > leftupdown=/usr/lib/ipsec/_updown.x509 ?
> > In _updown.x509 routing and firewalling for ipsec connection will be
> > set. With Suse-Firewall this configuration works fine for me.
> >
> > Frank Stuehmer
>
> Yes, I do. But that's not enough.
> And I tried with or without  the gw entry in line 55 - as described on
> https://nso.freeswan.nl/archives/users/2003-September/msg00227.html
> this proved to be necessary for the routing.
> Now ping left-net-host -> right-net-host works, but ping right-net-host
> -> left-net-host doesn't.
> Packets are dropped on left-net-VPN-Server's interface ipsec0.
> but why? It answers correctly on a connection initiated from
> left-side-host, but can not ping to the other side...
> ????
So your packets go from right-net-host over right-net-gw through the
tunnel to left-net-gw, there they are dropped ?
Are they dropped by a firewall rule ?

Andreas

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here