It's a bit hard to tell using the information you supplied, but here's a
few thoughts...

First, did you remember to switch the SPI numbers on one of the sides? If
one side "sends" using SPI 1000, the other side should "send" using
another SPI (separate SAs...).

Then, if the above is not the problem, does it work if you disable IPF?

(I assume you've turned on IP forwarding?)

Does 'netstat -p esp' tell you anything of interest? Which numbers
increase when you try to send traffic across the VPN?

Also, if you haven't already, vpn(8) makes good reading...

/H

--
Håkan Olsson <hocrt.se>        (+46) 708 437 337     Carlstedt Research
Unix, Networking, Security      (+46) 31 701 4264        & Technology AB

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]