Re: VE not reachable via ipsec-Tunnel using openswan and bridge-devices [message #43028 is a reply to message #42445] |
Mon, 04 July 2011 14:58 |
JohnDoe
Messages: 3 Registered: July 2011
|
Junior Member |
|
|
Hi @all,
I got the same problem with IPSec on Debian using RACOON.
I can establish the tunnel with racoon. the VZ host can ping the VPN client and VPN client the host's private IP, but the VPSs "behind" the host get the ICMP packets on their interface, but it is ignored or dropped ?!
e.g., when I ping from VPS 10.0.2.123 to the VPN client 192.168.100.101, I see the packet on the VPS eth0, then on the host's bridge vmbr1, then on the VPN client with Wireshark. Then there is a ICMP reply generated. I can trace the reply on the host vmbr1 and on/in the VPS 10.0.2.123 eth0 interface, but then it got ignored or dropped.
No suggestions or solutions?
Best Regards,
JD.
|
|
|