<div dir="ltr">I recently had an issue with a tunnel that was working fine for months, then suddenly traffic that should have gone over the tunnel was going to the gateway instead.<div><br></div><div>I eventually traced the trouble to two xfrm policies:</div><div><br></div><div>One policy had 'action block' for the src, dst, and dport of the traffic I was sending.</div><div><br></div><div>The other policy had 'proto tcp', instead of 'proto esp', for the src and dst. The correct policies to send the traffic over the tunnel were also present, but these two policies seemed to take precedence. Once I deleted them, the traffic went over the tunnel.</div><div><br></div><div>My question is: where did these policies suddenly come from? There was nothing in '/etc/ipsec.d/policies/block', and as far as I know, nobody would have gone in and manually created them. <br clear="all"><div><div class="gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr"><div dir="ltr">
        
        
        


<p style="font-size:14px;font-family:Arial,sans-serif;color:rgb(0,85,150);font-weight:bold;padding-bottom:5px;margin:0px;line-height:18px">--</p><p style="font-size:14px;font-family:Arial,sans-serif;color:rgb(0,85,150);font-weight:bold;padding-bottom:5px;margin:0px;line-height:18px">Steve MacDougall<br></p><p style="font-size:12px;font-family:Arial,sans-serif;color:rgb(114,114,114);padding:0px;margin:0px;line-height:16px">Sr. Systems/Network Administrator</p>
<p style="margin-bottom:0cm"><br></p></div></div></div></div></div></div></div></div></div></div></div>
</div></div>
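<div>An added example, not part of the original message: a small audit that reads the text printed by <code>ip xfrm policy</code> and lists policies that match a flow's addresses but either block it or carry no ESP template, which are the two kinds of policy described above. The sample output, addresses and function names are constructed for illustration; matching is on src/dst addresses only, and the sort assumes the kernel prefers the lowest priority value.</div>

```python
import ipaddress
import re

# Constructed sample in the layout printed by `ip xfrm policy` (not from the post).
SAMPLE = """\
src 10.0.1.0/24 dst 10.0.2.0/24
\tdir out priority 2084814 ptype main
\ttmpl src 192.0.2.1 dst 198.51.100.1
\t\tproto esp reqid 16389 mode tunnel
src 10.0.1.5/32 dst 10.0.2.9/32 proto tcp dport 443
\tdir out action block priority 0 ptype main
src 10.0.1.0/24 dst 10.0.2.0/24 proto tcp
\tdir out priority 1000 ptype main
src 10.0.9.0/24 dst 10.0.8.0/24
\tdir out action block priority 0 ptype main
"""

def parse_policies(text):
    """Split `ip xfrm policy` output into one dict per policy."""
    policies = []
    for line in text.splitlines():
        if line.startswith("src "):          # unindented line starts a new selector
            m = re.match(r"src (\S+) dst (\S+)(.*)", line)
            policies.append({"src": m[1], "dst": m[2], "selector": m[3].strip(),
                             "dir": None, "action": "allow", "priority": "0", "esp": False})
        elif policies:                       # indented lines belong to the last policy
            p, words = policies[-1], line.split()
            for key in ("dir", "action", "priority"):
                if key in words[:-1]:
                    p[key] = words[words.index(key) + 1]
            if "proto esp" in line:          # appears only in a tmpl continuation line
                p["esp"] = True
    return policies

def shadowing_policies(text, src_ip, dst_ip, direction="out"):
    """Return (priority, reason, policy) for matching policies that do not use ESP."""
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    hits = []
    for p in parse_policies(text):
        if (p["dir"] != direction
                or src not in ipaddress.ip_network(p["src"], strict=False)
                or dst not in ipaddress.ip_network(p["dst"], strict=False)):
            continue
        if p["action"] == "block":
            reason = "block"
        elif not p["esp"]:
            reason = "no-esp-template"       # allowed, but sent outside the tunnel
        else:
            continue                         # ordinary tunnel policy
        hits.append((int(p["priority"]), reason,
                     f'{p["src"]} -> {p["dst"]} {p["selector"]}'.strip()))
    return sorted(hits)                      # assumed: lowest priority value wins
```

<div>Calling <code>shadowing_policies(SAMPLE, "10.0.1.5", "10.0.2.9")</code> returns the block policy first and the template-less 'proto tcp' policy second; saving the live output on a schedule and diffing the results shows when such a policy first appears.</div>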