Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [suse-security] ipsec freeswan - connection established successfully, but packets are dropped ...
From: Markus Feilner (listsfeilner-it.net)
Date: Sat Oct 18 2003 - 05:28:14 CDT
Am Freitag, 17. Oktober 2003 12:18 schrieb Frank Stuehmer:
> Hi Markus,
> > I stopped all Firewall rules, and checked the ipsec configuration
> > over and over, but i can't find a solution.
> > Can anyone help me?
> do you have in /etc/ipsec.conf lines like this:
> leftupdown=/usr/lib/ipsec/_updown.x509 ?
> In _updown.x509 routing and firewalling for ipsec connection will be
> set. With Suse-Firewall this configuration works fine for me.
> Frank Stuehmer
Yes, I do. But that's not enough.
And I tried with or without the gw entry in line 55 - as described on
this proved to be necessary for the routing.
Now ping left-net-host -> right-net-host works, but ping right-net-host
-> left-net-host doesn't.
Packets are dropped on left-net-VPN-Server's interface ipsec0.
but why? It answers correctly on a connection initiated from
left-side-host, but can not ping to the other side...
> WS Medienservice Chemnitz GmbH
> Heinrich-Lorenz-Straße 2-4 * 09120 Chemnitz
> Tel. 0371-5289-275 * Fax 0371-5289-115
> ----- Original Message -----
> From: "Markus Feilner" <listsfeilner-it.net>
> To: "suse-security" <suse-securitysuse.com>
> Sent: Thursday, October 16, 2003 10:45 PM
> Subject: [suse-security] ipsec freeswan - connection established
> successfully, but packets are dropped ...
> > Hello List,
> > I am using SuSE 8.2 on two systems, together with freeswan ipsec.
> > Both systems run:
Mit freundlichen Grüßen
Linux Solutions, Training, Seminare und Workshops - auch Inhouse
Feilner IT Linux & GIS Erlangerstr. 2 93059 Regensburg
fon: +49 941 70 65 23 - mobil: +49 170 302 709 2
web: http://feilner-it.net mail: mfeilnerfeilner-it.net
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here