Hi Team, please help with the scenario below:
I have 3 machines: machine A (IP 10.5.5.7, client), machine B (10.5.5.52, server) and machine C (192.168.13.212). An IPsec tunnel is established between machine A and machine B. When I ping from A to B, the in and out bytes in ipsec whack --trafficstatus increase.

Now machine C is connected to machine B through a USB-to-Ethernet converter, and there is a route on machine A so that I can ping machine C through machine A. But when I ping machine C from machine A, the ping starts but ipsec whack --trafficstatus is not increasing, which means outgoing packets are going through the tunnel. And when I ping C to A, ipsec whack --trafficstatus shows the in and out bytes correctly. That means when I ping A to C, packets are not going through the tunnel, but when I ping C to A, packets are going through the tunnel.

Route set at machine A:

    route add -net 192.168.13.0/24 gw 10.5.5.52

Route set at machine C:

    route add -net 10.5.5.0/24 gw 192.168.13.50

Note - 192.168.13.50 is the IP of the USB-to-Ethernet interface which connects machine B (server) to C.

Expected result - When I ping machine C through machine A, the IPsec traffic counters should increase.

Note - The IPsec tunnel is only between A and B, where A is the client and B is the server.
Server ipsec.conf

    config setup
        protostack=netkey
        #virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:!10.231.247.0/24,%v4:!10.231.246.0/24
        # uniqueids=no
        nssdir=/etc/ipsec.d
        #dumpdir=/var/run/pluto/
        logfile=/var/log/pluto.log

    conn myconn
        authby=rsasig
        left=10.5.5.50
        leftcert=10.5.5.50
        leftid=%fromcert
        leftsendcert=always
        #leftsubnet=10.5.5.50/24
        # leftrsasigkey=%cert
        right=10.5.5.5
        #rightsubnet=10.5.5.5/24
        rightid=%fromcert
        type=tunnel
        ikev2=insist
        auto=start
        encapsulation=yes

Client ipsec.conf

    config setup
        protostack=netkey
        #virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v4:!10.231.247.0/24,%v4:!10.231.246.0/24
        # uniqueids=no
        nssdir=/etc/ipsec.d
        #dumpdir=/var/run/pluto/
        logfile=/var/log/pluto.log

    conn myconn
        authby=rsasig
        left=10.5.5.5
        leftcert=10.5.5.50
        leftid=%fromcert
        leftsendcert=always
        #leftsubnet=10.5.5.55/24
        # leftrsasigkey=%cert
        right=10.5.5.50
        #rightsubnet=10.5.5.50/24
        rightid=%fromcert
        type=tunnel
        ikev2=insist
        auto=start
        encapsulation=yes

Please help me out; I have been stuck on this for the last 10 days.

Regards,
Mehboob Ansari
