[sclug] VPN Help Needed
Dickon Hood
sclug at splurge.fluff.org
Sat Aug 13 13:49:54 UTC 2005
On Sat, Aug 13, 2005 at 13:29:10 +0000, Tom Dawes-Gamble wrote:
: Hi Guys,
: I'm trying to get a VPN Working from IpCop (openSWAN) and a Draytek
: Vigor 2600. According to the IpCop documentation if you can't ping and
: traceroute the remote end forget it. Well I can ping and get a to the
: Web interface on the Draytek but traceroute fails.
: If I run traceroute from a server in harbour exchange I end up with
: 16 217.41.172.73 (217.41.172.73) 16.215 ms 14.693 ms 20.950 ms
: 17 217.41.216.2 (217.41.216.2) 8.003 ms 10.290 ms 8.670 ms
: 18 217.32.86.6 (217.32.86.6) 6.667 ms 6.731 ms 6.694 ms
: 19 host86-128-210-103.range86-128.btcentralplus.com (86.128.210.103)
: 19.059 ms 18.888 ms 17.850 ms
: If I tracetroute from my home sysytem
: 12 * * *
: 13 217.41.216.2 (217.41.216.2) 38.330 ms 33.377 ms 36.048 ms
: 14 217.32.86.6 (217.32.86.6) 37.563 ms 35.699 ms 33.375 ms
: 15 * * *
: And it doesn't get any further.
: So given that both traces get to 217.32.86.6 and the 86.128.210.103 the
: next place why does it fail from my home system?
If I had to guess, I'd say that you've managed to convince your server
that your home system is at the end of your VPN, so it's trying to send a
packet back from there over it, and can't.
A dump of 'netstat -nr' from both hosts would be useful.
: Does anyone have a working OpenSWAN VPN I can use to test with to try
: and sort out where my problem lies?
Can't help there, I'm afraid.
--
Dickon Hood
Due to constant nagging to change it, my .sig is temporarily unavailable.
Normal service will be resumed as soon as possible. We apologise for the
inconvenience in the meantime.
More information about the Sclug
mailing list