[strongSwan] tunnel established and child nodes not able to ping

christopher kamutumwa chriskamutumwa at gmail.com
Mon Apr 25 10:46:42 CEST 2016


hello

have trouble with ping on child sas. no error given everything looks ok why
arent we able to ping other side?

root at ctlgate:~# ipsec up host177New-etops
initiating Main Mode IKE_SA zamtel-gateway[3] to 41.72.111.122
generating ID_PROT request 0 [ SA V V V V ]
sending packet: from 185.3.95.94[500] to 41.72.111.122[500] (152 bytes)
received packet: from 41.72.111.122[500] to 185.3.95.94[500] (80 bytes)
parsed ID_PROT response 0 [ SA ]
generating ID_PROT request 0 [ KE No ]
sending packet: from 185.3.95.94[500] to 41.72.111.122[500] (196 bytes)
received packet: from 41.72.111.122[500] to 185.3.95.94[500] (256 bytes)
parsed ID_PROT response 0 [ KE No V V V V ]
received Cisco Unity vendor ID
received DPD vendor ID
received unknown vendor ID: b9:69:9c:88:2b:db:d3:ac:0f:de:b1:42:2b:18:43:3a
received XAuth vendor ID
generating ID_PROT request 0 [ ID HASH ]
sending packet: from 185.3.95.94[500] to 41.72.111.122[500] (68 bytes)
received packet: from 41.72.111.122[500] to 185.3.95.94[500] (68 bytes)
parsed ID_PROT response 0 [ ID HASH ]
IKE_SA zamtel-gateway[3] established between
185.3.95.94[185.3.95.94]...41.72.111.122[41.72.111.122]
scheduling reauthentication in 28555s
maximum IKE_SA lifetime 28735s
generating QUICK_MODE request 3414666737 [ HASH SA No ID ID ]
sending packet: from 185.3.95.94[500] to 41.72.111.122[500] (164 bytes)
received packet: from 41.72.111.122[500] to 185.3.95.94[500] (180 bytes)
parsed QUICK_MODE response 3414666737 [ HASH SA No ID ID N((24576)) ]
CHILD_SA host177New-etops{10} established with SPIs ca390b8a_i 19a6c5fd_o
and TS 172.30.200.177/32 === 172.16.12.152/32
generating QUICK_MODE request 3414666737 [ HASH ]
sending packet: from 185.3.95.94[500] to 41.72.111.122[500] (60 bytes)
connection 'host177New-etops' established successfully
root at ctlgate:~# ping  172.16.12.152
PING 172.16.12.152 (172.16.12.152) 56(84) bytes of data.
^C
--- 172.16.12.152 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2009ms
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.strongswan.org/pipermail/users/attachments/20160425/20d659a1/attachment.html>


More information about the Users mailing list