[Users] networking problems with ipsec vpn
Aleksandar Ivanisevic
aleksandar at ivanisevic.de
Wed Jun 16 10:36:06 EDT 2010
what could be the reason that I see ICMP echo reply packets in tcpdump,
but ping still doesnt work
this is in a VE
# /usr/sbin/tcpdump -n host 10.1.8.24
tcpdump: WARNING: arptype 65535 not supported by libpcap - falling back to cooked socket
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on venet0, link-type LINUX_SLL (Linux cooked), capture size 96 bytes
16:12:32.752955 IP x.y.z.39 > 10.1.8.24: ICMP echo request, id 57367, seq 1, length 64
16:12:32.795299 IP 10.1.8.24 > x.y.z.39: ICMP echo reply, id 57367, seq 1, length 64
16:12:33.752323 IP x.y.z.39 > 10.1.8.24: ICMP echo request, id 57367, seq 2, length 64
16:12:33.794946 IP 10.1.8.24 > x.y.z.39: ICMP echo reply, id 57367, seq 2, length 64
16:12:34.752703 IP x.y.z.39 > 10.1.8.24: ICMP echo request, id 57367, seq 3, length 64
16:12:34.794853 IP 10.1.8.24 > x.y.z.39: ICMP echo reply, id 57367, seq 3, length 64
16:12:35.753022 IP x.y.z.39 > 10.1.8.24: ICMP echo request, id 57367, seq 4, length 64
16:12:35.795263 IP 10.1.8.24 > x.y.z.39: ICMP echo reply, id 57367, seq 4, length 64
16:12:36.752222 IP x.y.z.39 > 10.1.8.24: ICMP echo request, id 57367, seq 5, length 64
16:12:36.794412 IP 10.1.8.24 > x.y.z.39: ICMP echo reply, id 57367, seq 5, length 64
in another terminal ping 10.1.8.24 just sits there, no reply
I have an ipsec vpn terminated on the HN. On another HN in the same
network everything works, but instead of VPN termination, that HN has
the route to the first HN for 10.1.8.24
More information about the Users
mailing list