Hello,<br> Okay, I do not see an examples folder. Where else can that sysctl.conf file be? To give you more info: We are indeed using 1 interface. This device also serves as the gateway for the network. It serves as our DHCP system and router. It does not serve DNS services though, the Domain Controller does. Not sure if that additional info helps at all or not. <br>
<br clear="all">Sincerely, <br><br>Jay<br><br><br>
<br><br><div class="gmail_quote">On Wed, Nov 4, 2009 at 3:15 AM, Paul Wouters <span dir="ltr"><<a href="mailto:paul@xelerance.com" target="_blank">paul@xelerance.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div>On Tue, 3 Nov 2009, Jay Smith wrote:<br>
<br>
</div><div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
---------------------------<br>
Checking your system to see if IPsec got installed and started correctly:<br>
Version check and ipsec on-path [OK]<br>
Linux Openswan U2.6.16/K2.6.27.19-5-pae (netkey)<br>
Checking for IPsec support in kernel [OK]<br>
NETKEY detected, testing for disabled ICMP send_redirects [FAILED]<br>
<br>
Please disable /proc/sys/net/ipv4/conf/*/send_redirects<br>
or NETKEY will cause the sending of bogus ICMP redirects!<br>
<br>
NETKEY detected, testing for disabled ICMP accept_redirects [FAILED]<br>
<br>
Please disable /proc/sys/net/ipv4/conf/*/accept_redirects<br>
or NETKEY will accept bogus ICMP redirects!<br>
</blockquote>
<br></div>
If using 1 interface for incoming and outgoing packets, this needs to<br>
be fixed. See /etc/ipsec.d/examples/sysctl.conf<br><font color="#888888">
<br>
Paul<br>
</font></blockquote></div><br>