ipsec-tools/racoon/ipsec routing problem

Bill Campbell linux-sxs at celestial.com
Thu Jul 24 17:45:50 PDT 2008


On Sat, Jul 19, 2008, James McDonald wrote:
> Bill Campbell wrote:
>> I have been trying to get ipsec connecting various CentOS 5.1
>> systems, and gotten things working -- almost with some help from
>> people on a CentOS mailing list.  The issue I have now is that it
>> appears that the tunnel between the systems is complete, and I
>> can ping and connect with ssh from one machine to the other, but
>> not the other way around.
>>
...
>> Can anybody on this august list shed some light on this?
..
> Bill, I have just been through this whole thing myself. I had to insert
> some NAT rules to stop the NAT working for the source and destination
> subnets.
>
FWIW, I appreciate the help on this, but these things did not
help.  I tried several options earlier this week, and can see
IPSec traffic with tcpdump, but it just disappears into the
kernel never to reappear.

I suspect this may have something to do with one side being a
machine running VMware virtual machines as I was able to get it
half-way working between a couple of machines which did not have
VMware on them.  There was still a problem on that one, but it
may have been a routing conflict with the OpenVPN that was
running on one side of the connection.

...
Bill
-- 
INTERNET:   bill at celestial.com  Bill Campbell; Celestial Software LLC
URL: http://www.celestial.com/  PO Box 820; 6641 E. Mercer Way
Voice:          (206) 236-1676  Mercer Island, WA 98040-0820
Fax:            (206) 232-9186

Freedom from prices is freedom from responsibility. You can simply pass
laws, using the magic wand of government to satisfy your own desires at
unspecified costs to be paid by others. -- Thomas Sowell Aug 2000


