Here's a question I've received, relating to a wiki page, that I can't
answer. Anyone got any ideas?
From: Jason Romo [mailto:email@example.com]
Sent: Wednesday, 19 July 2006 11:43 p.m.
To: Craig Box
Subject: Openswan and Cisco PIX
I used your online document and I have a tunnel between the openswan 2.4.5
(using netkey with 2.6.16 kernel) and a Cisco PIX 501. I see the link is up
on both sides. I ping the cisco's internal IP and I see the ICMP via debug
icmp trace, but I don't get a response. I am not sure what is wrong. I
think it is on the cisco side. It doesn't seem to allow traffic to the
internal network. Any ideas where to start?
From: Craig Box
Date: Thu, 20 Jul 2006 08:49:57 +1200
To: 'Jason Romo' <jromo(a)networkguardian.net>
Subject: RE: Openswan and Cisco PIX
Haven't done anything with either a Swan or a Cisco for a long time, sorry.
? Does this apply
From: Jason Romo [mailto:firstname.lastname@example.org]
Sent: Thursday, 20 July 2006 9:12 a.m.
To: Craig Box
Subject: Re: Openswan and Cisco PIX
I copied the config to another machine and it works fine to the same cisco
box on the remote end. I wonder if the upstream cisco route is filtering or
something. But they can access anything on our network and we respond. But
I can't initiate the traffic. I have checked that the firewall rules are
good, routes, even kernel modules. I can't find a problem. They look the
same. The system is the system it is an image of the exact box. Any ideas?
Thanks for your help,