After moving a patched "IPSec-Tools-0.6b2" from a Linux 2.4 to a Linux
2.6 system, both located on the same network behind the same router,
both trying to connect through to a system located elsewhere on the
Internet, I find that both computers can establish a tunnel to the
desired host.
<2.4 system> ====>
<router, not participating in VPN> ===> internet ===> client
<2.6 system> ====>
Great? No.
When I "ping" the (local) address that corresponds to the far side of
the tunnel, I see that Racoon promptly and successfully creates a
tunnel for me. I see, with Ethereal, that ping-response packets are
coming back from the host, once every second or so. Ethereal says that
the decoded packets look just fine.
Great? No. Why? Because I can't see any output whatsoever from the
"ping" command. Ethereal says that the packets are arriving -- there
is no firewall to contend with -- and "ping" says 100% packet loss.
The 2.4 system, using the same software (recompiled of course),
establishing the same tunnel and so-on, =does= also succeed in
establishing its own tunnel to the client, and does receive a response
on the terminal from a "ping."
In both cases, the computers are establishing the tunnel FROM
themselves TO the remote, and furthermore, they are doing so
successfully.
It must be something dumb. But, what is it? What would cause a ping
to be sent out, to come back to the host, and not be delivered to the
ping-command executing on that very host?!