tunnel traffic routing
Hi All,
we have a tunnel running between two ALS with the external interfaces as endpoints.
LeftLAN-----------INTERNET-------RightLAN
The IPSECLiveLog shows me on both sides, that the tunnel is established but we are not able to send traffic trough the tunnel anymore.
0 172.16.y.y/24 -> 192.168.z.z/24 => tun0x11fa@80.x.x.x
Ping on the FW Interfaces (even with the "tools")is also not working but I configured the Rules ( net /any /net /allow and vice versa an both sides) as described in former threads and allowed ICMP on FW and ICMP forward.
When I listen with tcpdump on the external and internal interface during a ping I receive extern proto50 and intern the icmp request but it seems that the packets are not routed, because on the clientmachines is no incoming traffic reportet by the networkmonitors. The same problem appears in the other direction.
I am wondering, because the tunnel worked normal and we didn’t change the constellations. We only added the newest updates (3.215 /3.216)but I can not find a relationship between the new updates and the tunnel.
Other static LAN-LAN IPSec connections running fine with the RightASL, so I guess it may be the LEFT-SIDE asl, there is only one tunnel to establish.
Any suggestions?
thanks
Kim
[size="1"][ 29 January 2003, 06:54: Message edited by: gr3z0 ][/size]
This thread was automatically locked due to age.