From: Raghu <raghu.1729@gm...>  20090625 07:01:15

Hi, Is it possible to use tunnel mode with machines which are directly connected? I have two machines (machine 1 : x.y.z.204 and machine 2: x.y.z.241 ) connected directly with each other. Am using the following policies on machine 1 *spdadd x.y.z.204 x.y.z.241 any P out ipsec esp/tunnel/x.y.z.204x.y.z.241/require; spdadd x.y.z.241 x.y.z.204 any P in ipsec esp/tunnel/x.y.z.241x.y.z.204/require; *and similar policies with direction modified on machine 2.* *However when I do "ping I x.y.z.204 x.y.z.241" I see no activity with racoon.* *Is there anything wrong with my policies? Any help will be appreciated immensely! Thanks, Raghu 