What is the log message in say /var/log/messages ? Also, please post the output of
Ip xfrm policy Ip xfrm state Ipsec statusall Thanks, Bharath Kumar On Tuesday, January 1, 2013, richard -rw- weinberger wrote: > Hi! > > On my RHEL6 system (strongswan 4.6.4) I'm using the following setup: > http://wiki.strongswan.org/projects/strongswan/wiki/IOS_%28Apple%29 > > The client can connect to the server and gets a virtual IP assigned. > But the Kernel seems to drop the packets from the client immediately. > > server config: > conn ios > keyexchange=ikev1 > authby=xauthrsasig > xauth=server > left=%defaultroute > leftsubnet=0.0.0.0/0 > leftcert=serverCert.pem > leftfirewall=yes > right=%any > rightsubnet=10.99.0.0/24 > rightsourceip=10.99.0.2 > rightcert=clientCert.pem > pfs=no > auto=add > > Using tcpdump I can see Packets from 10.99.0.2 but Linux seems to drop > them while routing them. > If I install an iptables LOG rule into the PREROUTING chain, iptables > logs the packet. Later (E.g. in FORWARD) they do no longer exist. > > Do I need to install any IP out of 10.99.0.0/24 on my server? > Or is there anything else which needs to be done on the Linux side > which is not covered by the above tutorial? > Before I start debugging on kernel level I'd like to verify that I'm > not missing something obvious... > > Thanks, > //richard > > _______________________________________________ > Users mailing list > [email protected] <javascript:;> > https://lists.strongswan.org/mailman/listinfo/users >
_______________________________________________ Users mailing list [email protected] https://lists.strongswan.org/mailman/listinfo/users
