Re: [Ipsec-tools-devel] FreeBSD racoon / SafeNet
Brought to you by:
mit_warlord,
netbsd
From: VANHULLEBUS Y. <va...@fr...> - 2005-08-11 15:34:47
|
On Thu, Aug 11, 2005 at 01:20:33AM +0200, DavidDST wrote: > I'm still have the same problem without NAT. [..... > # tcpdump -ni xl0 icmp > 01:04:27 IP 172.16.0.10 > 192.168.0.1: icmp 40: echo request seq 43520 > 01:04:27 IP 192.168.0.1 > 172.16.0.10: icmp 40: echo reply seq 43520 > > Ping echo request is encapsulted, but not echo reply > > # tcpdump -ni dc0 esp or icmp > 01:05:52 IP 82.227.43.247 > 82.227.42.60: ESP(spi=0x0dfe9327,seq=0x20) > 01:05:52 IP 192.168.0.1 > 172.16.0.10: icmp 40: echo reply seq 43776 > > No Nat : [.....] Perhaps a stupid idea, but did you check that the replies goes to the BSD gate, and are forwarded by the gate ? Can you do some tcpdump -e and check the MAC addresses are correct ? Yvan. |