Is anyone in here versed in the art of ipsec-tools? I have a tunnel mode VPN (manual keying) set up between two Slackware machines in a test setup.

When I ping the LAN interface of the remote peer from the LAN interface of the local peer, the tunnel is used and things work fine. When I try to ping the LAN interface of the remote peer from a machine on the local network, the packets appear to get dropped by the local gateway. If I ping from the LAN interface of the remote peer to the client on the local LAN, the packets traverse the tunnel and the local client responds, but its reply packets are dropped by the local gateway.

It seems to me that there is some sort of forwarding/routing problem, but I can't for the life of me find it. ip_forward is turned on, and the iptables chains are all ACCEPT. Regular routing appears to work fine: from the local client I am able to ping the external interface of the remote peer, and before I set up the IPsec policies I was able to ping from LAN to LAN.

I put together a quick diagram (yes, it is Visio) of the setup along with the setkey configurations for both peers at http://images.blissfulidiot.com/ipsec.jpg

If anyone has a thought, I'd love to hear it.

-Tom