ClearFoundation

I have OpenSwan running on a ClearOS 6 box for a couple site to site VPNs. They were working flawlessly until this morning, and as far as I know nothing has changed. The tunnel still appears to be up and I can ping clients on the other network, but when I try to access a printer, file server, or web server on the remote network I can't seem to connect. However when I am on a computer on the remote network I have no trouble connecting to the same types of devices on the local network. Any ideas?

I think I've seen this when a tunnel drops and re-establishes itself automatically. Something in the routing gets lost, but I've no idea how to troubleshoot it. I wrote a small script to do occasional pings and restart the tunnel if necessary. Do you see anything in /var/log/secure to indicate a tunnel restart?

Its doesn't appear to be resetting. I never have problems pinging. But this message comes up every few seconds:

Can I suggest you restart ipsec at one or both ends? Check the IP address from your message is the remote IP address in your set up.

I've restarted ipsec numerous times on the box having issues.
I've even reinstalled ipsec and still have the same issue.

I think that message i posted is actually just a response to other remote boxes where I have a connection set up on the remote box, but not the local box, so i don't think it is relevant.

The really bizarre thing is that ping always works when the tunnel is up, but real connections from the remote boxes do not.
The tunnel lets traffic go in only one direction, but you can ping in either direction.
If I can't fix it before this afternoon I'm going to reinstall clearos and see if that fixes the problem.

The problem could be the IP address being used at the remote end and what is configured at the local end. When you say pinging works, is that pinging a remote LAN IP?

Yes.
Local subnet is 10.0.0.0
remote is 10.10.50.0
and I can ping either end using those ip trunks.

I think it must be something with the routes or the firewall, but I can't find the problem.

Well I reinstalled ClearOS and that solved the problem.
I would like to figure out how to solve this problem in the future if it happens again, but it can't be anything with ipsec, because I used the exact same configuration after the reinstall.

The only thing I can think is that somehow the firewall was blocking incoming connections from the remote lan ips, but I can't figure out why the sudden change.

I suppose it could have something to do with routes, but I don't know enough about that.

This issue has surfaced again.(To reiterate, I can ping from either end using the local ip addresses, and I can connect to different devices using a range of protocols in the direction of local -> remote, but not remote -> local.)

Here are the things I can track down that happened between when the tunnel was functioning normally and when the tunnel became ping only for the remote end:

Added this line to the custom firewall:
iptables -t nat -I PREROUTING -s 10.0.0.222 -j ACCEPT

Enabled the Web Proxy, Content Filter, and Protocol Filter.
The protocol filter is blocking (boxes checked) everything in the p2p and virus categories.

I've tried deleting and re-adding the connections, with the hope the the route would be wiped and redrawn, but it had no affect.
I even tried to use the ipsec auto --unroute command after deleting the connection.

Help me Nick Howitt, you're my only hope.

Can you give the output to:
Please also post the your config files - /etc/ipsec.conf and /etc/ipsec.d/*.conf.
Do you know if your WAN has dropped at some time? Have a look in /var/log/syswatch.

When posting, to make it easier to read, please put the results between [ code ] and [ /code ] tags, removing the spaces between the [ and ].

Lastly, can you try adding the rule: