Hi Lukas, > But when I do ping to host that is obviously running and has firewall > with any/any allow: > # ping 192.168.1.54 > PING 192.168.1.54 (192.168.1.54): 56 data bytes > ^C > --- 192.168.1.54 ping statistics --- > 7 packets transmitted, 0 packets received, 100% packet loss > # > > when I run tcpdump on same system I can see: > > # tcpdump -i any -n icmp > tcpdump: verbose output suppressed, use -v or -vv for full protocol decode > listening on any, link-type LINUX_SLL (Linux cooked), capture size 65535 > bytes > 12:47:09.671920 IP 1.2.3.4 > 192.168.1.54: ICMP echo request, id 8565, > seq 0, length 64
Any NAT configured on this host (e.g. from 192.168.1.0/24 to 1.2.3.4)? If so, have a look at [1]. Regards, Tobias [1] https://wiki.strongswan.org/projects/strongswan/wiki/ForwardingAndSplitTunneling _______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
