Where do I check to see if protocol 50 packets are being allowed through? I'll be working more on it this weekend.. I'd really like to get this working so I'll try just about anything.. even possibly step/by/step support via phone (I'd beg someone to call my 800 number for a little assistance...
Joey -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Charles Steinkuehler Sent: Friday, March 08, 2002 4:57 PM To: [EMAIL PROTECTED]; LRP Support Subject: Re: [Leaf-user] ipsec errors > Ok, I've modified the config and am no longer getting any errors, however I > cannot get to the other machine. I've tried to ping, and also tried to do a > > traceroute -i eth0 -f 20 192.168.1.1 > > and have gotten only the * * * as output from the traceroute. At anyrate.. > I'm not seeing any erros, and am wondering if there is something I am > missing... any thoughts... Check the output of "ipsec look", and make sure you're allowing protocol 50 packets through the firewall. If you only allow the UDP keying traffic, the tunnels will get put in place, but the data packets (protocol 50) won't get through, so no traffic can flow... Charles Steinkuehler http://lrp.steinkuehler.net http://c0wz.steinkuehler.net (lrp.c0wz.com mirror) _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
