28 Mar
2014
28 Mar
'14
12:17 a.m.
I'm no expert, but have a look at the output of ip xfrm policy show, which will indicate which addresses are to be forwarded over the IPSec tunnel.
That all looks fine, same as setkey -DP, except setkey -DP gives extra info that is 'lastused' on the 'send' policy which is updated every time I do a ping. It's just that the packets aren't going anywhere. James