Hello everyone.
I am experiencing some rather frustrating results with IPSEC tunnels we are testing between 3
ASL 4.019 boxen. Here is the breakdown:
BOX A INTERNAL NETWORK 10.10.10.0/24
BOX B INTERNAL NETWORK 10.10.2.0/24
BOX C INTERNAL NETWORK 192.168.0.0/24
All tunnels are AES_PFS and using PSKs,NET-TO-NET, and all tunnels are completing and showing as erouted within the connections screen - suggesting the initial setup is solid.
Tunnel BOX A and B:
B network can reach everything on the A network. Nothing on the A network can reach anything on the B network. No packets being dropped in packet filter logs, no evidence of what is happening to packets.
Tunnel BOX A and C:
Tunnel completes, but no communication between either network.
Tunnel between BOX B and C:
Tunnel completes, B network can hit everything on C network, C network cannot hit anything on B network. Again, no evidence of dropped packets.
On all the affected boxes, packet filter rules have been added to allow everything from the remote network to communicate with everything on the local network. The issues almost sound like
NATing is occuring (due to the one way communication), but I can't see why that would occur as all the NAT rules are pretty standard (simple masq rule for internal network to outside). Am I missing something really obvious? All network's default gateways are set to the ASL boxen.
This thread was automatically locked due to age.
