6

Packets go out one tunnel, come back another, then are dropped

view full story
linux-howto

http://www.linuxquestions.org – I’ve run into a of a routing issue pertaining to packets leaving a firewall, traversing and IPSec tunnel, hitting the target and then returning via a different tunnel, finally arriving back on the source firewall but on a different interface from where it started. Once the packet has returned to the firewall it is dropped… I’ve been unable to discover the reason for the drop. Two sides to the system, Firewall A and Firewall B. Each firewall provides the default gateway to its respective side and offers a backup IPSec tunnel to the high capacity tunnel handled internally. The Layer 3 (HowTos)

dayu's picture
Submitted by dayu on 12/06/2010 – Made popular on 12/06/2010

Stories similar to Packets go out one tunnel, come back another, then are dropped

I have managed to get iodine working between my ubuntu intrepid box and my windows client with a caveat.

The firewall rules allows DNS queries inbound. The client tunnel endpoint gets assigned an IP address and the tunnel is established properly.

However when I try to ping from the client machine, the reply packets are not coming back.

I used TCPDUMP on the Ubunto box and watch the dns0 tunnel

I have had a IPSEC connection setup between two firewalls. Now I want to remove the tunnel in my firewall, a "Fortigate 60".

There are two phases, "Phase 1" and "Phase 2" for each IPSEC connection. I can delete the "Phase 2" entry by clicking the trashcan icon (in the web interface), but there is not such icon for "Phase 1".

I recieved a list of commands that were run on the right side of the VPN tunnel which is where the Cisco ASA resides. On my side, I have a linux based firewall running debian with openswan installed.

I rely on the following script tunnel.sh written by others to keep a ssh tunnel alive:

#!/bin/bash export SSH_HOST=tim@server

if [ ! -f /tmp/.tunnel ] then echo "Creat SSH tunnel" ssh -f -D 9999 $SSH_HOST "if [ -f ~/.tunnel ]; then rm ~/.tunnel; fi; while [ !

NETKEY IPsec and ARP 1 year 8 weeks ago

I'm wondering if I have the correct routing setup for an IPsec tunnel. I have control over the IPsec endpoints and the hosts connected to one side. These hosts are connecting to the tunnel so that they have access to the network on the other side of what I will call the IPsec server.

Hello everyone,

I am here in sunny singapore stuck behind a hotel firewall yet again paying 30 dollars a day for internet yet unable to send e-mail except according to the insane rules dreamt up by whoever it was that is in charge of internet security at the Novotel.

SuSE firewall Issue 3 years 22 weeks ago

I'm having trouble configuring my SuSE firewall and was wondering if anyone has any experience to assist me or point me to some documentation that may help.

I have created an tunnel device using

ip tuntap add dev tun0 mode tun user 0 group 0

I then assign it an ip address 192.168.0.1/22

ifconfig tun0 192.168.0.1 netmask 255.255.252.0

On my ethernet device eth0, I receive packets from machines in the ip address range 192.168.1.2-192.168.1.5. I would like these packets to be forwarded on the tunnel device.

I am trying to troubleshoot as to why I am getting the following error when I try log-in to the VPN using Shrew Soft VPN. What doesn't make sense is that it works on the same machine except that in a different ISP.