There's nothing special about routing VPN packets from the view of the Vyatta router. You can see the traffic that the Vyatta is seeing using the integrated packet sniffer. While logged in as the root user, run tshark -n -i <interface> to see the packets. For full packet detail, add -V.
Best, Justin On Nov 13, 2007 6:28 AM, <[EMAIL PROTECTED]> wrote: > > Hi, > > I'm using vyatta vc3 (virtual appliance). I have two firewall connecte to > the router. I create a VPN between my two firewall but it seems that ISAKMP > frame are not routing. > > Use case: > > - I create my policy for vpn > - I launch a ping (since net 192.168.1.0) > - I launch a tcpdump on fire cluster (blue one) > - I can see ISAKMP frame > - I launch a tcpdump on fire cluster (red one) > - I don't see ISAKMP frame > And it is the same when I do the contrary. > > > Config that I have on my router: > > eth0 net 129.40.1.1 > eth1 net 212.20.1.1 > eth2.129 129.40.2.1 > eth2.212 212.40.2.1 > > route are automted generate follwing interface that I have defined. This is > all configuration that I do on vyatta router. > It is possible to have a debug mode for see vpn frame on vyatta router, or > another solution for see how frame are manage ?? > Or other solution maybe router don't accepte VPN frame ... > I don't know. > > Thanks for your help. > > > (Embedded image moved to file: pic18467.jpg) > > > > ---------------------------------- > Best Regards, > Gregory Grimaux > > Tel: +33 4 97 23 43 36 > http://www.stonesoft.com > ----------------------------------- > Subscribe to a Webletter on Trends in Network Security at: > http://www.stonesoft.com/network_security/ > _______________________________________________ > Vyatta-users mailing list > Vyatta-users@mailman.vyatta.com > http://mailman.vyatta.com/mailman/listinfo/vyatta-users > > _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users
