Koozali.org: home of the SME Server

Legacy Forums => Experienced User Forum => Topic started by: Kelvin on April 17, 2004, 09:08:58 AM

Title: Strange Freeswan and network behaviour (SME 5.6)
Post by: Kelvin on April 17, 2004, 09:08:58 AM

Hi,

I've got one site connecting to their head office using freeswan. The setup's been working up until recently.

The telco "accidentally" pulled the plug on the ADSL service which left them with no internet access for about 2 weeks. After much finger pointing, etc., ADSL services have now been reinstated. However, while they were on a bridged setup with a static IP before, they are now on PPPoE and being assigned the same IP each time it logs on.

Then the strange behaviour began. All workstations were DHCP clients with the SME server setup as the DHCP server. On the Windows workstations (they are all Windows 2000), when you ping any of the other workstation's name you get the public IP address of the SME server ! Eg. layout (addresses are made up):-

SME Server (WAN IP : 203.100.200.122, LAN IP : 192.168.1.1)
WorkstationA : 192.168.1.100
WorkstationB : 192.168.1.101
.
.

If WorkstationA pings WorkstationB by name, Windows tries to ping 203.100.200.122 ! The same occurs if WorkstationB tries to ping WorkstationA by name. If they try to ping the SME server by name, they also get 203.100.200.122. This wreaks havoc on any drive and printer shares on the network. From the console of the SME server, pinging any of the workstations by name also results in 203.100.200.122 ! I have checked the WINS and DHCP files on the SME server and they have the correct IP addresses in them. I even went as far as to add the PCs into Server Manager's Hostnames and addresses with the PCs MAC addresses to lock them to the IPs but that still did not fix the problem.

I had to set all workstations to static IP addresses in their Network Setup in order to restore drive and print sharing on the network.

The SME server connects via Freeswan to their headoffice. Pinging addresses back and forth of the two LANs works fine, as it always have. The remote office needs to access the mail and terminal servers at the head office. Since the problems began, everything times out trying to access the head office. Outlook Express reports that the POP3 server did not respond in the past 60 secs. Attempts to access webmail results in a blank page. Forget about terminal server access, it times out as well. As I said before, pinging addresses from both ends of the tunnel works fine, just nothing else. If I break the IPSec tunnell, they can access their e-mails from the public side of the head office mail server just fine.

Nothing on the server has changed except the switch from static IP to PPPoE configuration. Anyone have a clue as to where to start looking ?

TIA !

Kelvin