Re: [Ipsec-tools-devel] racoon -> pix vpn
From: Jason B. <ipm...@gm...> - 2005-03-27 03:43:27
Thanks a lot! That fixed it.

On Sat, 26 Mar 2005 22:37:06 +0100, richard lucassen <mai...@lu...> wrote:
> On Fri, 25 Mar 2005 22:29:32 -0600
> Jason Burnett <ipm...@gm...> wrote:
>
> > I am fighting a problem that does not make much sense. I have racoon
> > on a Debian/Sarge box running 2.6.8.1 creating a tunnel to a pix 515
> > using shared secret (password) authentication.
> > Based on debugging at linux boxen on both ends and the pix, the vpn is
> > established. tcpdump shows some traffic being passed between hosts on
> > each end. pinging across the vpn, for example, shows the packets
> > leaving linux box 1 and tcpdump on the remote host shows the packet
> > arriving, but no reply being sent, the same occurs in both directions.
> > I started racoon in debug mode and have done everything in iptables
> > from clearing them completely to trying to explicitly allow all traffic
> > between nets. I don't really think the problem is with the vpn, but
> > somehow related to the routing between the nets. If anyone has any
> > suggestions or needs more information to help please let me know.
>
> Just a guess, try:
>
> echo "0" > /proc/sys/net/ipv4/conf/all/rp_filter
>
> Richard.
>
> --
> ___________________________________________________________________
> Mac OS X proves that it's easier to make UNIX pretty than it is to
> make Windows secure.
>
> +------------------------------------------------------------------+
> | Richard Lucassen, Utrecht                                        |
> | Public key and email address:                                    |
> | http://www.lucassen.org/mail-pubkey.html                         |
> +------------------------------------------------------------------+
>

--
/"\
\ /  ASCII Ribbon Campaign
 X   against HTML email & vCards
/ \
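To see which reverse-path filtering mode each interface actually ends up with after a change like the one suggested in this thread, here is an added example (not part of the original thread or of ipsec-tools). It assumes the rule documented for current Linux kernels, where the effective value is the larger of `conf/all/rp_filter` and `conf/<interface>/rp_filter`; the function names and the optional root-directory argument are hypothetical.

```shell
#!/bin/sh
# Added example: report the effective rp_filter mode per interface.
# Assumption: effective value = max(conf/all, conf/<interface>), as documented
# for current kernels. The optional root argument (hypothetical) lets the
# functions run against a constructed directory tree instead of /proc.

LIVE_ROOT=/proc/sys/net/ipv4/conf

# rp_effective IFACE [ROOT] -> prints 0, 1 or 2
rp_effective() {
    root="${2:-$LIVE_ROOT}"
    all=$(cat "$root/all/rp_filter" 2>/dev/null) || return 1
    ifv=$(cat "$root/$1/rp_filter" 2>/dev/null) || return 1
    if [ "$all" -gt "$ifv" ]; then echo "$all"; else echo "$ifv"; fi
}

# rp_report [ROOT] -> one line per interface: "<iface> <value> <mode>"
rp_report() {
    root="${1:-$LIVE_ROOT}"
    for d in "$root"/*/; do
        name=$(basename "$d")
        # "all" and "default" are settings templates, not interfaces
        case "$name" in all|default) continue ;; esac
        eff=$(rp_effective "$name" "$root") || continue
        case "$eff" in
            0) mode="off" ;;      # no source validation
            1) mode="strict" ;;   # reply route must use the arrival interface
            2) mode="loose" ;;    # source must be reachable via any interface
            *) mode="unknown" ;;
        esac
        echo "$name $eff $mode"
    done
}

# On a live Linux host, print the current state.
if [ -d "$LIVE_ROOT" ]; then
    rp_report
fi
```

Under that rule, an interface whose own value is 1 still reports `strict` when `all` is 0, so the per-interface files are the ones to check on such kernels.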