|
Charles, Thanks for the information so far! I added
the following lines to the ipfilter.conf file at the end:
$IPCH -A input -j ACCEPT -p 50 -s 64.241.69.122 -d
24.9.126.49
$IPCH -A input -j ACCEPT -p 51 -s 64.241.69.122 -d
24.9.126.49
$IPCH -A input -p upd -s 64.241.69.122
-d 24.9.126.49 500: -j ACCEPT
$IPCH -A input -j ACCEPT -p 50 -s 24.9.126.49 -d
64.241.69.122
$IPCH -A input -j ACCEPT -p 51 -s 24.9.126.49 -d
64.241.69.122
$IPCH -A input -p upd -s 24.9.126.49 -d
64.241.69.122 500: -j ACCEPT
I've also set all of the relevant interfaces in
/proc/sys/net/ipv4/conf/<interfacename>/rp_filter to 0
The disks I'm using are Eigerstein 1 with the ipsec
floppy kernel in a dual floppy configuration.
The network is like this:
<private 192.168.10.0/24>-----<Router
cx1140290-c 24.0.0.0>---<Internet>---<Router
64.241.69.122>-----<private 192.168.110.0/24>
with the obvious goal of accessing the remote
networks for misc. services such as printing SMB etc.
In the barf log after the latest changes I can see
that the packets are leaving but not showing up on the remote end.
The rp_filter setting bothers me.. I figure you
have it turned on in the kernel for a reason but Klips says it may not work with
the settings as they are default.
I also tried echowall 1.22 with this configuration
with no apparent change.
I have found several referances to using tcpdump to
check traffic is there a lrp package for tcpdump? or maybe another utility for
troubleshooting the network?
Thank you everyone for your advice so
far!
John Abrams
Network Navigators
USA |
- [Leaf-user] RE: IPSEC Problems John Abrams
- Re: [Leaf-user] RE: IPSEC Problems Charles Steinkuehler
- [Leaf-user] RE: IPSEC problems John Abrams
- [Leaf-user] RE: IPSEC problems John Abrams
- Re: [Leaf-user] RE: IPSEC problems Mike Noyes
