Hi forum, I have been tinkering with ipsec for some time and it reports that a connection is established and i have made sure that all my configs work ok though i cannot ping any system on the second subnet. I ran an nmap scan and all the ports that ipsec uses are closed(port 500 and 4500) so i turned off iptables on both systems just to make sure that they were not bieng bloked by the firewall but i get the same result they are closed. How can i open the ports on both systems since i will not be using any firewall on any of the two systems. Thanks for any help

if you turned off iptables on both systems, then sounds like your problem is with the network itself. I'm willing to bet you have the netmask configured wrong. On both systems show me the output of "ifconfig -a" and I can tell you if you've got it setup correctly. Basically, you want to make sure if they're on two different subnets you're not using a netmask of 255.255.255.0. For example. if you have one machine at192.168.1.20 and another at 192.168.2.20 and both have netmasks of 255.255.255.0 then they will *only* be able to talk to machines on the same netmask. In the case above you want your netmask to be 255.255.0.0 . :)

[quote=Khabi] For example. if you have one machine at192.168.1.20 and another at 192.168.2.20 and both have netmasks of 255.255.255.0 then they will *only* be able to talk to machines on the same netmask. In the case above you want your netmask to be 255.255.0.0 . :)[/quote]

You were absolutely right, I checked the netmask on both subnets and it seemed like i had completely over looked the netmask(both were 255.255.255.0) on changing that to 255.255.0.0 i could ping from either sides of the two subnets which is a breakthu for me. Thanks a million

no problem. Glad i could help. :)