LinuxQuestions.org
03-25-2010, 02:28 PM   #1
wastingtime
site to site vpn racoon with cisco asa 5505 routing issues


I have three locations with a central office connected to two remote locations. At the central office I run two site-to-site VPNs on a Cisco ASA 5505. The remote end of the first site is a Check Point firewall, and the remote end of the second site is racoon on Debian.

Both sites are up and working. However, where at the first site traffic goes both ways, at the second site it only works from the central office to the remote office.

For example, I can ssh from a host in the central office to a host in the first remote site (through the Check Point firewall), then ssh back from that host at the remote office to any host in the central office.

In contrast, after I ssh from a host in the central office to a host in the second remote office (through racoon), I cannot see the central office hosts (pinging the IP address of a central office host, ssh, etc. all fail).

The VPN settings at the central office (the Cisco ASA 5505) are identical.

So it seems to me that some routing magic is missing on the host running racoon at the second remote office.

Where would such a setting reside? racoon config files? iptables?
 
04-02-2010, 12:26 PM   #2
rweaver
I've personally only ever used racoon once, and it was in a test environment, so I can't offer a lot of information there. You might want to review this configuration (it's BSD, so not exact, but this was the same guide I used when I set it up: http://www.bsdguides.org/guides/free...ng/vpn_pix.php). It is also possible you have an iptables issue, but we need to know more information to really be able to diagnose any existing issues: configs, logs, etc.
 
  


All times are GMT -5.
