Problem with ipsec routing
Dear all I have a vpn connection that only works in a direction. Configuration: GW-Left: Suse 9.2 (kernel 2.6.8-24.3-default)) Openswan 2.2.0 Susefirewall 3.2 GW-Right: Suse 7.3 (kernel 2.4-18) freeswan 1.98b Susefirewall PC-Left/Right Windows XP SP1 | PC-Left |------------| GW-Left |--------------<Router>-------------| GW-Right |------------| PC-Right | ISAKMP SA is established, also key-exchange seems to work. A ping from PC-Right to PC-Left works fine, put a ping from PC-Left to PC-Right works not. ipsec.conf plutodebug=none # Certificate Revocation List handling #crlcheckinterval=600 #strictcrlpolicy=yes # Change rp_filter setting, default = 0 (switch off) rp_filter=%unchanged # Switch on NAT-Traversal (if patch is installed) nat_traversal=yes interfaces=%defaultroute #forwardcontrol=yes # default settings for connections conn %default # Default: %forever (try forever) #keyingtries=3 # Sig keys (default: %dnsondemand) #leftrsasigkey=%cert #rightrsasigkey=%cert # Lifetimes, defaults are 1h/8hrs #ikelifetime=20m #keylife=1h #rekeymargin=8m left=%defaultroute compress=no # Add connections here # sample VPN connection conn kbs-test type=tunnel auth=esp # Left security gateway, subnet behind it, next hop toward right. left=83.0.0.51 leftsubnet=10.0.0.64/26 leftnexthop=83.0.0.49 # Right security gateway, subnet behind it, next hop toward left. right=83.0.0.52 rightsubnet=10.0.0.192/26 rightnexthop=83.0.0.49 # To authorize this connection, but not actually start it, at startup, # uncomment this. auto=start authby=secret #Disable Opportunistic Encryption include /etc/ipsec.d/examples/no_oe.conf Any ideas about that? Greetings, Gabriel
participants (1)
-
ONAY, Gabriel