[Swan] one way ping

John Crisp jcrisp at safeandsoundit.co.uk
Thu Jul 19 23:43:50 UTC 2018


I'm sure I have had this before, and I found a solution, but beating my
head against a wall.

I have an Endian <-> Libre 3.23 v2 ipsec tunnel

It uses certificates and the tunnel comes up fine.

However, once up I can only ping from the Libre end -> Endian.

Once a ping has been sent, magically I can ping from the Endian back to
Libre.

The irony about this is that the firewall on both ends is automagically
set. It isn't done by hand. Same with the ipsec configurations. Box
filling on Endian, my own templating on Libreswan.

And I have a number of other boxes with identical setups barring static
IP addresses and local networks.

If I keep a ping going from Endian it continues, but if I stop the
traffic it goes off again after a fairly short period.

I can see the ping go out on the Endian Firewall, but nothing on
iptables on the Libreswan.

Now, just to compound it, this has happened on TWO Libre machines I set
up one immediately after the other. Yet the other 3 near identical ones
all chug along happily...

I'm sure this is mind-numbingly simple and I have missed something so
obvious, but I can't see the wood from the trees right now!

Any suggestions as to which rock to look under, or something to test
would be gratefully received. I know it isn't a Libre issue - just my
own stupidity!

B. Rgds
John
