From owner-freebsd-questions Fri Jun 22 5: 4:10 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mine.kame.net (kame195.kame.net [203.178.141.195]) by hub.freebsd.org (Postfix) with ESMTP id 9BE1C37B401; Fri, 22 Jun 2001 05:04:06 -0700 (PDT) (envelope-from sakane@kame.net) Received: from localhost ([3ffe:501:481d:4000:260:1dff:fe21:f766]) by mine.kame.net (8.11.1/3.7W) with ESMTP id f5MCfCY97360; Fri, 22 Jun 2001 21:41:12 +0900 (JST) To: brad@wcubed.net Cc: freebsd-net@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: Problems with IPsec tunnel In-Reply-To: Your message of "Thu, 21 Jun 2001 02:13:03 -0600" <3B31AC8F.58022F53@wcubed.net> References: <3B31AC8F.58022F53@wcubed.net> X-Mailer: Cue version 0.6 (010413-1707/sakane) Mime-Version: 1.0 Content-Type: Text/Plain; charset=us-ascii Message-Id: <20010622210338P.sakane@kame.net> Date: Fri, 22 Jun 2001 21:03:38 +0900 From: Shoichi Sakane X-Dispatcher: imput version 20000228(IM140) Lines: 14 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG > I'm having quite the time trying to set up a IPsec tunnel on 4.3-RELEASE. > Host-to-host IPsec works fine - I can make connections all day long between my > two gateways. But for the life of me, I can't get my windows boxen on each end > to talk to the other. I've got identical psk.txt files (rw-------) on both > gateways, but 10.0.1.2 can't ping 10.0.0.2 to save its life. I've told the PCs > on each end to route the other's traffic through the near gate's inside addr, > and still no go. IP forwarding is turned on and NAT is off on both gates as > well as an "OPEN" fw ruleset. I've gone through the couple of HOW-TOs on the > net, but while I understand exactly what they're saying, and I repeat the > process, I can't get it working. Did you see any message on your gateways or your hosts ? I think debugging message of raccoon and system messages could be help you. and tcpdump also can be help to know what happened your network. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message