[Openswan Users] Ping through tunnel suddenly stops
Sybille Ebert
sybille.ebert at gmx.net
Mon May 24 17:15:38 CEST 2004
> Are you sure those first few pings are crypted? You cannot run tcpdump and
> check from the sending machine because of the linux packet pie. Instead,
> run tcpdump on the receiving host (or better, use a hub and a third host)
> to double check.
Yes, I used a third machine to check that the packets are indeed encrypted.
> Can you try to manually modprobing the af_key and esp4 modules before your first
> start and then start to see if the problem goes away. If it does, can you then
> edit _startklips and add a 'sleep 5' after modprobing those modules and see if
> that fixes your problem? The netlink and ipsec kernel modules might be taking a
> little bit of time to load or initiate, causing some messages to get lost, or at
> least pluto thinks they are lost, and tries to push thm into the netlink device
> again at a later time.
Modprobing does not help. However, unloading the modules does eliminate
the need for rebooting the "right" gateway which seems to be in question
here.
If it matters, I am actually running two copies of Fedora Core 2 inside
a VMware box. Please let me know if you would like to see any logs.
S
More information about the Users
mailing list