[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-ipsec
Subject:    RE: Using FreeSWAN with two Linux 2.4.2 masquerading firewalls
From:       "Rod Savard" <rodney () savard ! com>
Date:       2001-03-31 3:28:02
[Download RAW message or body]

> Your firewall rules seem ok. I'm wondering if it's instead a config
> problem. Please first see doc/faq.html#cantping, and then please
> see my troubleshooting guide at:

I read #cantping and it didn't seem to help with my situation, nor did your
troubleshooting guide.

> If you have not found the solution with these hints, please send barfs

I have posted barfs at on my web site:

  http://www.savard.com/scm-barf.txt
  http://www.savard.com/savard-barf.txt

I set `klipsdebug=all' on both the scm and savard side, started ipsec on
both sides, brought up the scm-savard tunnel, and attempted to ping from one
subnet to another (from 10.0.0.2 on the savard subnet to 10.1.1.41 on the
scm subnet).  The ping timed out.  After the ping I ran `ipsec barf' on both
sides and shut down ipsec.

For fun I set up a tunnel between the gateways.  If I start the tunnel I can
no longer ping from one gateway to the other (or do any other communication,
for that matter).

Thanks again for your assistance!!

Regards,
Rod

---
Rod Savard - Delphi Developer
Savard Software - Tri-Cities, Washington, USA
rodney@savard.com - http://www.savard.com

[prev in list] [next in list] [prev in thread] [next in thread]