Hi Peter,
|NET2 pings NET1: GW2(eth0) logs an icmp request ? on eth0: 9 7.631138 192.168.101.239 192.168.100.205 ICMP Echo (ping) request
the paket is entering GW2.
192.168.101.0/24 ist net2 internal 192.168.100.0/24 ist net1 internal
on ipsec0: 3 1.694921 217.235.199.35 192.168.100.205 ICMP Echo (ping) request
the paket is leaving ipsec0
on eth1: nothing--
on ppp0 nothing--
but not forwarded to ppp0/eth1. Just checked this on a 7.3, you will see ESP-pakets on both. hopfully this was not changed. Is ipsec0 bound to eth1/ppp0 (interfaces directive in ipsec.conf)?
Yes I forgot to paste int the reply. :) but basically ipsec0 looks differnent on both machines
GW2:|> 10:21:04.305584 192.168.101.239 > 192.168.100.1: icmp: echo GW1:|> 08:51:05.057368 unknown ip 0
Are you shure that these entries are correlated? Do you see ESP-pakets on the external interface of GW1? My feeling at this point is that GW2 doesn't send any paket to GW1. Check if "ipsec eroute" and "ipsec auto --status" shows the correct connections, and check "route". Greetings, Thomas -- www.ArcStyler.com - the Architectural IDE for MDA:J2EE/.NET/EAI -> CyberOne Award -> Winner Crossroads A-List Award USA -> IBM Solution Excellence Award winner for Hot Java Solution -> European Information Society Technologies Prize Winner -> Made with ArcStyler: http://www.io-software.com/customers -> OMG Press, John Wiley 2002 www.ConvergentArchitecture.com ----- < iO > --------------------------------------------------------- Interactive Objects Software GmbH mailto:Thomas.Kerkau@io-software.com http://www.io-software.com Basler Strasse 65, D-79100 Freiburg, Germany Tel: [+49]-761-40073-0, Fax: [+49]-761-40073-73 ----------------------------------------------------------------------