IPSec S2S peer B host cannot receive ICMP reply or access host resources on peer A

Question

I've got an IPSec S2S tunnel setup. The VPN is connected, tunnel established.

Here's the network topology:

(for reference, I am Peer A)

Problem:

host A pings host B and gets reply (this is not a problem, just giving context)
The problem:host B pings host A and does not get reply (and cannot access resources on host A)

When host B pings host A, I can see the ICMP packets passing through the ER-X at peer A, arriving on host A, and replies being sent from host A to host B, but host B never receives the replies. The admin at Peer B says the replies not arriving on their side of the tunnel.

What am I missing?

autobottodoggo · Accepted Answer · 2024-02-29 20:37:48Z

0

Answer: the problem was SPI firewall on the peer A gateway

answered Feb 29 at 20:37

autobottodoggo

5892 gold badges7 silver badges18 bronze badges

Add a comment |

Stack Exchange Network

IPSec S2S peer B host cannot receive ICMP reply or access host resources on peer A

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged
networking
vpn
routing
ipsec
.

Hot Network Questions

IPSec S2S peer B host cannot receive ICMP reply or access host resources on peer A

1 Answer 1

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged networkingvpnroutingipsec.

Related

Hot Network Questions

Not the answer you're looking for? Browse other questions tagged
networking
vpn
routing
ipsec
.