Victor,
If you are initiating the applications from the box that has the
ipchains on it, add a rule like this:
ipchains -A input -s 0/0 -d 0/0 -p tcp ! -y -j ACCEPT
This allows connections that you *initiated* from the box to accept part
#2 of the three-way TCP handshake, to establish the
$.02 interjection:
Using IPsec between boxes is for communications security; it has nothing
to do with host security, for which an entirely different set of tools is
available. The main point here being: to sniff traffic between the two,
you have to be able to crack IPsec. (Good luck!)
On Mon,
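
Added example (not part of the original message): a small Python model of which packets the `! -y` rule above accepts, assuming the `-y` definition from the ipchains man page (SYN set, ACK and FIN cleared). The function names and sample packets are constructed for illustration; the model shows that the match is on TCP flags only, with no connection state, so a bare ACK is accepted as well.

```python
# TCP flag bits as laid out in the TCP header (RFC 793).
FIN, SYN, RST, PSH, ACK, URG = 0x01, 0x02, 0x04, 0x08, 0x10, 0x20


def matches_syn_option(flags):
    """Model of ipchains -y: SYN set, ACK and FIN cleared (assumed from the man page)."""
    return bool(flags & SYN) and not (flags & (ACK | FIN))


def rule_accepts(proto, flags):
    """Model of: ipchains -A input -s 0/0 -d 0/0 -p tcp ! -y -j ACCEPT

    True  -> the rule matches and the packet is accepted.
    False -> the rule does not match; later rules or the chain policy decide.
    """
    return proto == "tcp" and not matches_syn_option(flags)


# Constructed sample packets: (description, protocol, TCP flags).
SAMPLES = [
    ("SYN+ACK reply to our outbound SYN (handshake part 2)", "tcp", SYN | ACK),
    ("data on an established connection", "tcp", PSH | ACK),
    ("peer closing the connection", "tcp", FIN | ACK),
    ("inbound connection attempt", "tcp", SYN),
    ("bare ACK that belongs to no connection", "tcp", ACK),
    ("UDP datagram (rule is -p tcp only)", "udp", 0),
]


def evaluate(samples=SAMPLES):
    """Return (description, accepted) for each sample packet."""
    return [(desc, rule_accepts(proto, flags)) for desc, proto, flags in samples]


if __name__ == "__main__":
    for desc, accepted in evaluate():
        print(f"{'ACCEPT' if accepted else 'no match':9} {desc}")
```

Because the rule cannot tell a reply from an unsolicited non-SYN packet, the input chain policy and the services listening on the box still matter.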