On Tue, 2006-12-05 at 12:06 +0900, Mathieu Sauve-Frankel wrote:
> > now, I got the tunnel setup just fine using just ipsec.conf. I was just
> > curios if there was a quick and simple way to to test traffic through
> > the tunnel since it is just a host to host configuration.
>
> I'm curious to know why you don't think ping is a good tool to test
> this with ? run ping and run tcpdump. if tcpdump shows esp packets
> well you can assume the tunnel is working. If the tunnel shows icmp
> packets your tunnel probably doesn't work.
I never said that ping wasn't a good test...if I could use ping I would.
However, in the setup where I have two machines, A and B that have
addresses 192.168.2.5 and 192.168.2.6 respectively and an IPSec tunnel
setup as so:
A - ike esp from 192.168.2.5 to 192.168.2.6
B - ike esp from 192.168.2.6 to 192.168.2.5
trying to ping the other's address doesn't go out via the enc0
interface, but the regular bge0 default interface.
or am I completely wrong on this one?
TIA,
ryanc
--
Ryan Corder <[EMAIL PROTECTED]>
Systems Engineer, NovaSys Health LLC.
501-219-4444 ext. 646
[demime 1.01d removed an attachment of type application/pgp-signature which had
a name of signature.asc]
