[Openswan Users] KLIPS not responding to 348+ byte ESP-in-UDP
packets?
Paul Wouters
paul at xelerance.com
Sat Aug 28 00:31:38 CEST 2004
On Fri, 27 Aug 2004, Toby Corkindale wrote:
> For this example, I have a 2.6.8.1 machine with native IPSEC, sitting behind a
> NAT firewall. It is connecting to a 2.4.27 machine running KLIPS.
> Both machines are using Openswan 2.1.5.
> I now try pinging the host via the tunnel. Pings (up to -s 287) work fine, but
> after that, it fails to respond.
Can you try and add compression=no to both ends. I have a strong sspicion
compression+nat-t is broken on 2.4 with klips currently. Perhaps also on 2.6
with klips (Nate?)
Regarless, can you mail me back the results...
Paul
More information about the Users
mailing list