[Swan] Traffic not routing down tunnel

Lennart Sorensen lsorense at csclub.uwaterloo.ca
Mon Jan 19 22:57:22 EET 2015


On Sun, Jan 18, 2015 at 09:39:27AM +0000, Phil Daws wrote:
> I have tried with 10.1.10.1 on the left and 10.2.10.1 on the right but still the same issue. Whatever source IP I use, it still achieves the same result. As I have a VPN terminating within the gateway, if I try and connect to a remote node on the 10.2.10.0/24 network I see the traffic arrive on the VPN interface:
> 
> 09:34:44.716178 IP 172.16.10.2.63788 > 10.2.10.10.22: Flags [S], seq 915452653, win 65535, options [mss 1368,nop,wscale 0,nop,nop,sackOK], length 0
> 
> and it is being routed to the correct interface as per the routing table:
> 
> 10.2.0.0/16 dev eth0  scope link  src 10.1.10.1
> 
> but then it hits eth0 without being sent down the tunnel by the looks of it?
> 
> 09:12:31.908884 IP 37.XXX.XXX.XXX.63332 > 10.2.10.10.22: Flags [S], seq 1092218068, win 65535, options [mss 1368,nop,wscale 0,nop,nop,sackOK], length 0
> 09:12:34.918210 IP 37.XXX.XXX.XXX.63332 > 10.2.10.10.22: Flags [S], seq 1092218068, win 65535, options [mss 1368,nop,wscale 0,nop,nop,sackOK], length 0
> 
> surely something must be fundamentally wrong with the configuration? :(

Often it helps to completely get rid of the firewall while testing,
in case you screwed it up.

Without seeing the entire firewall config it is hard to say.

-- 
Len Sorensen

