Micah Silverman writes:
> 1) After the IPSEC connection is established between virtLinuxIPSEC and
> virtLinux, why does the ICMP request go out on the eth0 adapter and not
> ipsec0?
Which box are you pinging from? You show an example from
virtLinuxIPSEC -> virtLinux but in your diagram you don't list any
ipsecX interface for virtLinuxIPSEC. You do list one on virtLinux but
from the diagram it looks like you have it attached to the wrong
interface ("looks like" because Eudora, your mail client, wrapped some
lines your diagram and I'm not certain I unwrapped them correctly).
You should have ipsec0 attached to eth1 since that is the external
interface for virtLinux. If you are still having problems after
making that change, please include the output of all the following on
virtLinuxIPSEC and virtLinux :-
$ ipsec tncfg
$ ipsec spi
$ ipsec eroute
$ route -n
since without them it is difficult to be sure what the state of your
IPsec connections are.
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:23 CEST