Re: [m0n0wall] IPSEC is enabled... But...

From:	Falcor <falcor at netassassin dot com>
To:	Johan Bergquist <johan dot bergquist at fredab dot se>
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] IPSEC is enabled... But...
Date:	Fri, 26 Mar 2004 22:00:15 -0600

you can run PPtP and IPsec at the same time.

The firewall can not ping hosts on the other side of the IPsec tunnel. 
 Try pinging the hosts from a workstation.

Johan Bergquist wrote:

>Okay... I guess I have gotten it to work like a limping dog... When I try to
>ping the other network I get this:
> 
>From 192.168.0.1: icmp_seq=1 Redirect Host(New nexthop: 192.168.0.1)
>
>and it really spits this message out... about 40/sec.
>and after about a 120 i get this message:
> 
>From 192.168.0.1 icmp_seq=1 Time to live exceeded
>
>This is the syslog:
> 
>Mar 26 16:32:25  racoon: INFO: isakmp.c:1358:isakmp_open(): 192.168.0.1[500]
>used as isakmp port (fd=10)
>Mar 26 16:32:25  racoon: INFO: isakmp.c:1358:isakmp_open():
>217.211.31.62[500] used as isakmp port (fd=9)
>Mar 26 16:32:25  racoon: INFO: isakmp.c:1358:isakmp_open(): 127.0.0.1[500]
>used as isakmp port (fd=8)
>Mar 26 16:32:25  racoon: INFO: isakmp.c:1358:isakmp_open():
>192.168.0.20[500] used as isakmp port (fd=7)
>Mar 26 16:32:13  racoon: INFO: isakmp.c:1358:isakmp_open(): 192.168.0.1[500]
>used as isakmp port (fd=10)
>Mar 26 16:32:13  racoon: INFO: isakmp.c:1358:isakmp_open():
>217.211.31.62[500] used as isakmp port (fd=9)
>Mar 26 16:32:13  racoon: INFO: isakmp.c:1358:isakmp_open(): 127.0.0.1[500]
>used as isakmp port (fd=8)
>Mar 26 16:32:13  racoon: INFO: isakmp.c:1358:isakmp_open():
>192.168.0.20[500] used as isakmp port (fd=7)
> 
>If I have a working pptpserver running on the same box could that cause a
>problem? (No clients connected or anythinng like that but it's running)
>
>  
>