On Tuesday 23 April 2002 14:57, MLU wrote: > Thank you Charles. > > After making the RSA right, I restarted the ipsec service on both > side and then I try to ping a machine on 192.168.1.x from 192.168.9.x > subnet but the ping times out and there is nothing in auth.log or > syslog suggesting a reason.
Funny, it appears that the tunnel has come up even though your left & right sides are not the same on both gateways.... that normally doesn't happen (might be a problem). But more likely, the route to the correct local subnet on each machine is missing (I assume eth1). Using a Subnet-to-Subnet connection you cannot get the gateways to use the tunnel, they only route the local subnet traffic to the remote subnet... so any machine on the local subnet should be able to ping any machine on the remote subnet except the gateways themselves. I hope this helps! :-) -- ~Lynn Avants aka Guitarlynn guitarlynn at users.sourceforge.net http://leaf.sourceforge.net If linux isn't the answer, you've probably got the wrong question! _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user