I'm seeing something possibly similar. I have upgraded a Fedora 11 box to Fedora 14. This box was succesfully running five IPSec tunnels. Four of them to a ZyXEL P-2602H, one to Fedora 13 box. After upgrading, all of the tunnels were reestablished, but no traffic was possible over it. Using Wireshark I found out that packets returning from a remote host are being routed to the wrong interface. Let's say I have this: SRC=1.2.3.4 (public, on eth1) SRCNET=192.168.1.0/24 (private, on eth0) DST=5.6.7.8 (public) DSTNET=192.168.2.0/24 (private) While pinging from our 192.168.1.217 to their 192.168.2.16, I see - unencrypted packet arrives at our tunnel - encrypted packet is sent to DST - (not tracing remote internal network, assuming everything's OK) - encrypted return packet arrives at SRC - unencrypted return packet is sent to eth1, even though destination address is 192.168.1.217 There's nothing in the routing table that could explain this. Pim On 4-1-2011 11:50, Luc MAIGNAN wrote: > Hi, > > I use racoon to establish an IPSEC tunnel between a fedora box and a router. > > The tunnel is mounted. > > Both my fedora and network behind the router can ping each other > > The network behind the router can use the tunnel to ssh my fedora > > But my fedora isn't able to ssh the network behind the router. > > IPTRAF shows me that packets come correctly from the opposite side, but > ssh doesn't seem to receive them. > > > What can happen ? > > Any help would be appreciated > > BR -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
