Re: A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-24 Thread Stephen
knitti wrote: On 10/19/07, Stephen Bosch [EMAIL PROTECTED] wrote: Other things I've tried: - moving the Jetdirect to a different port on the same physical switch - a variety of static and dynamic IPs in the subnet I also forwarded the external port 9100 to this print server and tried to

Re: A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-19 Thread Claudiu Pruna
On Fri, 2007-10-19 at 00:30 -0600, Stephen Bosch wrote: Hi, folks: Here's a good one for you. I have an IPsec tunnel running between two OpenBSD boxes. One is still running 3.8 (yes, it needs to be updated) and the other is running 4.1. There is a functioning tunnel running between the

A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-19 Thread Stephen Bosch
Hi, folks: Here's a good one for you. I have an IPsec tunnel running between two OpenBSD boxes. One is still running 3.8 (yes, it needs to be updated) and the other is running 4.1. There is a functioning tunnel running between the two devices. Hosts on one end can see hosts on the other,

Re: A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-19 Thread Stephen Bosch
knitti wrote: On 10/19/07, Stephen Bosch [EMAIL PROTECTED] wrote: Other things I've tried: - moving the Jetdirect to a different port on the same physical switch - a variety of static and dynamic IPs in the subnet I also forwarded the external port 9100 to this print server and tried to

Re: A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-19 Thread Stephen Bosch
Jussi Peltola wrote: Does the print server have the right gateway configured? Yeah. Checked that. Does scrub have any effect (fragments get dropped in some cases if scrub is off - that bit me once with openvpn)? I think scrub is on, though -- I'll have to look again. Wouldn't tcpdump

Re: A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-19 Thread Jussi Peltola
Does the print server have the right gateway configured? Does scrub have any effect (fragments get dropped in some cases if scrub is off - that bit me once with openvpn)? Wouldn't tcpdump tell you more about the packets coming back from it? I'd probably just use rdr and a TCP proxy on some

Re: A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-19 Thread knitti
On 10/19/07, Stephen Bosch [EMAIL PROTECTED] wrote: Other things I've tried: - moving the Jetdirect to a different port on the same physical switch - a variety of static and dynamic IPs in the subnet I also forwarded the external port 9100 to this print server and tried to access it from a

Re: A (pf?) puzzler -- a single device invisible on the other side of an IPsec tunnel

2007-10-19 Thread Stephen Bosch
Claudiu Pruna wrote: Hi Stephen, No offense, but did you check JetDirect's IP settings about the default gateway? None taken. Yes, I did actually check that, and it was correct. Try a tcpdump on the ethernet interface at site A while trying to print from site B and check if you see