From owner-freebsd-questions@FreeBSD.ORG Thu Sep 25 18:05:47 2014 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id D77A08E0 for ; Thu, 25 Sep 2014 18:05:47 +0000 (UTC) Received: from mail-pd0-x229.google.com (mail-pd0-x229.google.com [IPv6:2607:f8b0:400e:c02::229]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id AA0A496B for ; Thu, 25 Sep 2014 18:05:47 +0000 (UTC) Received: by mail-pd0-f169.google.com with SMTP id fp1so7091566pdb.28 for ; Thu, 25 Sep 2014 11:05:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=zIyBAbv9eY5LyIAL5TkavVeGd+ThT/Rc/tXHYQQe3Bg=; b=ZwVxP9l0AhjjXno5c1HfQWj0TKND7LJ6kNvWKnGBjz52cpftFdfPGD5B3MmzBq61FC zLeqmzNHICcAJiYIyDpnmcyVosvukzDo3x1PwnrJNZRsJhR9RN3F+bsT/9GXgg1L1NOj cRG/DSlGNqhix+SFrj38IM/xN3bWKD2tka+Juy/OlXDJx3wUItBqn8AKI1qhdlaE4Thb Ai+6EJ6WB9W8h3066mOkBH8ESxmVQyEG06miagdqlHLIrBQA5dTU2m2vtyDalMg56IZy toaM1VeW5r/Ed85bLHWx7+wtm5NqJo9FlmCTvS05XxhnhBFy9L9LOmelopjVIVChQVRC HOJw== X-Received: by 10.66.191.7 with SMTP id gu7mr22279020pac.32.1411668347047; Thu, 25 Sep 2014 11:05:47 -0700 (PDT) Received: from [192.168.11.3] ([27.12.214.59]) by mx.google.com with ESMTPSA id gj1sm2274287pbc.85.2014.09.25.11.05.44 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 25 Sep 2014 11:05:46 -0700 (PDT) Content-Type: text/plain; charset=windows-1252 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Subject: Re: VPN client cannot receive packets From: Zhi-Qiang Lei In-Reply-To: <5424444A.4020802@gmx.de> Date: Fri, 26 Sep 2014 02:05:40 +0800 Content-Transfer-Encoding: quoted-printable Message-Id: <833C8AEE-E240-4729-B394-F311B7A6C52E@gmail.com> References: <6AF0AAAB-E7F2-4FA7-81E5-223DA924DDE1@gmail.com> <542424A2.6080408@gmx.de> <2330161C-FA96-4843-AEDA-376344483D61@gmail.com> <5424444A.4020802@gmx.de> To: "lokadamus@gmx.de" X-Mailer: Apple Mail (2.1878.6) Cc: freebsd-questions@freebsd.org X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Sep 2014 18:05:47 -0000 On Sep 26, 2014, at 12:35 AM, lokadamus@gmx.de wrote: > On 25.09.2014 16:47, Zhi-Qiang Lei wrote: >=20 >> Hi, >>=20 >> It is my router/firewall with internet connection. >>=20 >> This time I try to list the packets from 8.8.8.8, but there are none. >>=20 >> root@freebsd-7638:~ # tcpdump src 8.8.8.8 >> tcpdump: verbose output suppressed, use -v or -vv for full protocol = decode >> listening on vtnet0, link-type EN10MB (Ethernet), capture size 65535 = bytes >>=20 >> Now the question URL is changed. >>=20 >> = http://serverfault.com/questions/631260/freebsd-l2tp-vpn-connection-error >>=20 >> Best regards, >> Zhi-Qiang Lei >> zhiqiang.lei@gmail.com >>=20 >> On Sep 25, 2014, at 10:20 PM, lokadamus@gmx.de wrote: >>=20 >>> On 25.09.2014 08:48, Zhi-Qiang Lei wrote: >>>=20 >>>> I setup a L2TP/IPsec VPN as this article: >>>>=20 >>>> http://wiki.stocksy.co.uk/wiki/L2TP_VPN_in_FreeBSD >>>>=20 >>>> My problem is that the connected clients cannot receive packets, = however, sending is okay. >>>>=20 >>>> Here are the tcpdump results if I tried to ping 8.8.8.8: >>>>=20 >>>> root@freebsd-7638:~ # tcpdump -i vtnet0 icmp >>>> tcpdump: verbose output suppressed, use -v or -vv for full protocol = decode >>>> listening on vtnet0, link-type EN10MB (Ethernet), capture size = 65535 bytes >>>> 05:55:17.630770 IP 192.168.99.150 > google-public-dns-a.google.com: = ICMP echo request, id 36697, seq 0, length 64 >>>> 05:55:18.627825 IP 192.168.99.150 > google-public-dns-a.google.com: = ICMP echo request, id 36697, seq 1, length 64 >>>> 05:55:19.624058 IP 192.168.99.150 > google-public-dns-a.google.com: = ICMP echo request, id 36697, seq 2, length 64 >>>> 05:55:20.618946 IP 192.168.99.150 > google-public-dns-a.google.com: = ICMP echo request, id 36697, seq 3, length 64 >>>> 05:55:21.622551 IP 192.168.99.150 > google-public-dns-a.google.com: = ICMP echo request, id 36697, seq 4, length 64 >>>>=20 >>>> What could be wrong? And how can I troubleshoot? You may reply on = SuperUser if you want, thanks in advance. >>>>=20 >>>> http://superuser.com/questions/816485/cannot-receive-packets >>>>=20 >>>> Best regards, >>>> Zhi-Qiang Lei >>>> zhiqiang.lei@gmail.com >>>>=20 >>>> _______________________________________________ >>>> freebsd-questions@freebsd.org mailing list >>>> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >>>> To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org" >>>>=20 >>> Hi, >>>=20 >>> Is this your router/ firewall with internet connection? >>> Look with tcpdump for traffic at 8.8.8.8. >>> So you can see, if traffic comes back or is missing before your vpn = system. >>>=20 >>>=20 >>> Best regards >>>=20 >> _______________________________________________ >> freebsd-questions@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-questions >> To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org" >>=20 > Stupid mistake, have you made a vpn connection with google (8.8.8.8) = or with another subnet on the other side? > When you will test you vpn connection you should ping your other side = of your vpn connection. >=20 > Best regards, >=20 When I connect to VPN, I can ping the VPN (gateway) server with its IP = in VPN. (My IP in VPN is 192.168.99.150) $ ping 192.168.99.1 PING 192.168.99.1 (192.168.99.1): 56 data bytes 64 bytes from 192.168.99.1: icmp_seq=3D0 ttl=3D64 time=3D441.677 ms 64 bytes from 192.168.99.1: icmp_seq=3D1 ttl=3D64 time=3D361.192 ms 64 bytes from 192.168.99.1: icmp_seq=3D2 ttl=3D64 time=3D281.524 ms 64 bytes from 192.168.99.1: icmp_seq=3D3 ttl=3D64 time=3D300.120 ms 64 bytes from 192.168.99.1: icmp_seq=3D4 ttl=3D64 time=3D430.178 ms But I cannot ping 8.8.8.8. $ ping 8.8.8.8 PING 8.8.8.8 (8.8.8.8): 56 data bytes Request timeout for icmp_seq 0 Request timeout for icmp_seq 1 Request timeout for icmp_seq 2 Request timeout for icmp_seq 3 Request timeout for icmp_seq 4 Request timeout for icmp_seq 5 When I ping 8.8.8.8, tcpdump on VPN server shows that there is no = response from 8.8.8.8. Did I miss something? Thanks. Best regards, Zhi-Qiang Lei