I am struggling to get a vpn working between two Suse 8.2 boxes.
This is an ipsec-vpn between two subnets. Both gateway servers (stpeter and golum) are Suse 8.2, ipsec version is 1.99.
Here is a simple sketch of the setup:
10.1.x.x<=>10.1.1.214 |stpeter|208.171.49.111<=ipsec=>24.196.143.44|golum|192.168.204.1<=>192.168.x.x
I do not want to use certificates for now. I seem to be getting a tunnel established with little trouble. My only problem is that no packets use it <g>.
With all the ipsec shut down, I can ping from 10.1.1.236 to 192.168.204.30 and vice versa.
With ipsec up, a ping from either end shows nothing.
The Susefirewall2 doesn't seem to show any dropped packets at either end.
Ifconfig shows no packets received by ipsec0, but with the firewall tagged to show accepted packets, I show packets being delivered to ipsec0.
So my suspicion has been routing. It looks like something happens between ethx sending the packets to the ipsec-enabled interface and that interface receiving them. Tcpdump is not very illuminating -- it shows packets going out of the internal interface to ipsec0, but nothing being received at the external ethernet interface or the ipsec interface.
I am mystified and confused. I have sort of run out of places to look.
I ran "ipsec barf" on both gateways.
To save bandwidth I uploaded stpeter's barf to:
http://www.jhml.org/misc/stpeterbarf.txt
and golum's to http://www.jhml.org/misc/golum.txt
I would appreciate any help at all. I likely am missing something obvious.
Thanks.
John Lederer