[strongSwan] Cannot ping in tunnel
Hoggins!
hoggins at radiom.fr
Wed Dec 7 18:00:20 CET 2016
Thanks.
I've flushed all my filter / mangle rules.
The only nat rule left is
iptables -t nat -A POSTROUTING -o eth0.11 -j MASQUERADE
... eth0.11 being my "oustide" leg because this host acts as a router
for other subnets.
Should I do otherwise ?
Le 07/12/2016 à 17:51, Noel Kuntze a écrit :
> Hello Hoggins,
>
> Fix your iptables rules. Look at all the tables. Traffic flows through the different tables and chains. There's no special handling of IPsec packets.
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.strongswan.org/pipermail/users/attachments/20161207/244c523c/attachment.sig>
More information about the Users
mailing list