Re: [m0n0wall] m0n0-m0n0 1.3b4 ipsec up but can't ping LAN

From:	"Christopher M. Iarocci" <iarocci at eastendsc dot com>
To:	Joe Commisso <jemc at twcny dot rr dot com>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] m0n0-m0n0 1.3b4 ipsec up but can't ping LAN
Date:	Sun, 28 Oct 2007 20:45:32 -0400

Joe,

I suspect you have the subnet wrong, maybe a /32 instead of a /24 in 
your config.  Check that, and if it's not the problem, post your IPSEC 
config here.

Chris

Joe Commisso wrote:
> Hello,
>
> I have m0n0 1.3b4 -- m0n0 1.3b4 with ipsec working (NAT enabled) and 
> SA established.
>
> I can only ping the internal IP of the m0n0 at the other end but can't 
> ping the rest of the LAN.
>
> In my firewall log, the following is a record of the blocked ping:
>
> Act  |    Time                       |   If         |     
> Source                       |      Destination                      
> |     Proto
>
> X     |    19:48:26.397742    |   WAN  |    64.xx.xx.14, port 443  
> |     192.168.7.50, port 4989  |     TCP
>
>
> As I said, pinging the internal NIC of the m0n0 at the other end works 
> and of course is on the LAN, not the WAN.
> I have tried searching the message boards all day. Now it is time for 
> me to post.
>
> Firewall rules at both ends:
>
> Proto  |    Source  |    Port   |   Destination  |      Port  |    
> Description     *         |   *           |    *       |   
> *                 |       *     |   Default LAN -> any
>
>
> Thanks in advance,
>
> Joe
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>