I have an odd problem with a new VPN we set up. It's a 2851 <--> Openswan Linux box. The tunnel comes up just fine. On the 2851 side we have a /24 and on the Openswan side we have a /19 and a /26. You can ping from any device in these ranges to any other. Even adjusting the ping to 1500 bytes, it all works.
Now the first thing we tried to do after this was SSH. We can ssh from the /19 (site b, behind the Openswan) to the /24 (site a, 2851) all day long without issue. We can also do the opposite (site a to site b /19). We also can SSH from the 2851 /24 to the Openswan /26. However, the /26 at site b cannot ssh to the 2851 /24.
Watching the logs and such, we can see the ssh packet gets to the box and the box sends a response, just the 2851 does not send the reply down the tunnel. It just seems to ignore it. I cannot seem to find why the 2851 will not send an ssh session initiated from b /26 back to it when it will send a session initiated from a /24 down to the b /26.
Both the /19 and /26 are in the same ACL, just the /26 is not working fully.
Used the SDM to set up the tunnel.
That make sense? Need configs?