[vpn-help] racoon & ike: Missing the last tiny bit ...
Clemens Perz
cperz at gmx.net
Fri Mar 19 04:53:22 CDT 2010
Hi all!
I am suffering from a lack of genius here :))
A debian lenny with racoon up and running serves as vpn backend.
Originally, I created a working configuration using the Shrewsoft client
for Windows, used that for a while and it still works perfect.
Now I want the same thing on Ubuntu Karmic, i.e. 9.10. First I just
installed the client, imported my existing configuration and connected
to the server. Everything fine, it connects, gets the config, creates
the tap0, sets the routes. But when I ping one of the private hosts
inside the vpn no packages find their way back and ping just says nothing.
When I trace the packages with tcpdump I see that all targets return the
right stuff, so the ping packages are routed to the target, processed
and answered. The answer package has the ip of the pinged host as
source, the tap0 ip as target and should do fine. That happens with all
protocols - I see the routing working, but the requesting application
gets nothing.
I tried to run as root and as user. I did set the 1 in ip_forward. I
even compiled and packaged the 2.1.6-beta-4 and created new Ubuntu
packages - nothing yet.
When I look at the SAD and SPD tables there is nothing unusual. I
created a racoon -> racoon setup which is working and both tables look
pretty much the same compared to what they show when I try the
connection with ikea.
I am pretty sure I am missing only a little thing here, but it seems I
cannot find the answer myself. So any hint would be very helpful :)
Thanks in advance,
Clemens
More information about the vpn-help
mailing list