On 2013-09-24 09:44, James Griffin wrote:
> * Hugo Osvaldo Barrera <[email protected]> [2013-09-24 03:53:46 -0300]:
>
> > Hi,
> >
> > I've been experimenting a bit with IPSec and creating a VPN using it. I've
> > been successful, but have encountered an odd issue.
> >
> > I've two hosts, linking two networks:
> >
> > Host A's /etc/iked.conf:
> > ikev2 active esp from 172.16.0.0/16 to 172.17.0.0/16 \
> >     peer 174.136.104.18 psk "a-test-key"
> >
> > Host B's /etc/iked.conf:
> > ikev2 esp from 172.17.0.0/16 to 172.16.0.0/16 \
> >     peer 190.210.108.249 psk "a-test-key"
> >
> > (Of course those are not the real keys).
> >
> > I can ssh 172.17.0.1 from the 172.16.0.0 network fine and vice versa.
> >
> > So far so good.
> >
> > BUT I can't establish any TCP connection from Host A to Host B's public
> > IP address and vice versa.
>
> So you can connect using internal addresses but not using public address.
> Just a thought, but have you opened the necessary ports on your router?
> What is your setup like?
>
> [ ... ]
>
They're both connected directly to the internet with no router in front of
them. With the tunnel disabled, everything works fine between both.

--
Hugo Osvaldo Barrera

