I'm using openswan to link two machines via IPSec. The tunnel comes online fine and I have connectivity to each endpoint via the VPN.
However, when the tunnel is up, I lose connectivity to the public endpoint IP addresses. For example, pinging site A public address 1.2.3.4 from site B public address 4.5.6.7 (and vice versa) fails.
When the tunnel is up, I noticed something curious that could explain this behavior.
    # ip xfrm policy
    src 1.2.3.4/32 dst 4.5.6.7/32
        dir out priority 2080 ptype main
        tmpl src 0.0.0.0 dst 0.0.0.0
            proto esp reqid 0 mode transport
I snipped out the remaining output as it only contains entries that make sense (the private networks connected by the tunnel).
Any ideas what I'm missing?
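
Added example (not part of the original post): a small parser for `ip xfrm policy` output that reports which installed policies have a selector covering a given source/destination pair. The function names and the second, tunnel-mode policy in the sample are constructed for illustration.

```python
import ipaddress

# Constructed sample: the first policy is the one quoted in the post; the second
# is a made-up tunnel-mode entry standing in for the snipped private-network policies.
SAMPLE = """\
src 1.2.3.4/32 dst 4.5.6.7/32
    dir out priority 2080 ptype main
    tmpl src 0.0.0.0 dst 0.0.0.0
        proto esp reqid 0 mode transport
src 10.0.1.0/24 dst 10.0.2.0/24
    dir out priority 2344 ptype main
    tmpl src 1.2.3.4 dst 4.5.6.7
        proto esp reqid 16385 mode tunnel
"""

def parse_policies(text):
    """Split `ip xfrm policy` output into dicts, one per selector line."""
    policies = []
    for raw in text.splitlines():
        tok = raw.split()
        if not tok:
            continue
        if tok[0] == "src":  # a selector line starts a new policy
            policies.append({"src": ipaddress.ip_network(tok[1], strict=False),
                             "dst": ipaddress.ip_network(tok[3], strict=False)})
        elif policies and tok[0] != "tmpl":
            # "dir out priority 2080 ..." / "proto esp ... mode transport" are key/value pairs
            policies[-1].update(zip(tok[0::2], tok[1::2]))
    return policies

def matching(policies, src, dst, direction="out"):
    """Policies whose selector covers a src -> dst packet, lowest priority value first."""
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    hits = [p for p in policies
            if p.get("dir") == direction and s in p["src"] and d in p["dst"]]
    return sorted(hits, key=lambda p: int(p.get("priority", 0)))

if __name__ == "__main__":
    for p in matching(parse_policies(SAMPLE), "1.2.3.4", "4.5.6.7"):
        print(p["src"], "->", p["dst"], p["proto"], p["mode"], "priority", p["priority"])
```

On a live host, pass the real output of `ip xfrm policy` to `parse_policies` in place of `SAMPLE`.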