[Openswan Users] IPSEC established but TX packets dropped on
ipsec0 interface
Ted Kaczmarek
tedkaz at optonline.net
Thu Aug 12 09:17:18 CEST 2004
On Thu, 2004-08-12 at 10:06 +0200, Daniel Fenert wrote:
> I'm trying to establish network-network conenction between 2 gateways.
>
> No NAT, for testing purposes directly connected. Everything seems to be fine
> IPSEC is established, but no packet is being sent to other peer.
>
> Using tcpdump on ipsec0 interface, I see that packets are generated on source
> machine, but never get to destination, and TX dropped packets are
> increasing on source machine (you can see it in 'barf' attachment).
>
> I've tried to look in the archives of freeswan/openswan lists, but all that I
> got was 'RX packets dropped', and no plain solution besides, that there's some
> misconfiguration :)
>
> I'm using openswan-1.0.7rc1 on 2.4.27 kernel.
> Distro is slackware-10.0.
> On both machines.
>
> I'm attaching ipsec.conf (from one machine, on the other it's identical),
> and compressed ipsec barf.
>
iptables -I FORWARD -i ipsec0 -j ACCEPT
Just a guess, also netstat -rn to confirm both sides have updated their
ribs properly.
Ted
More information about the Users
mailing list