[Openswan Users] Drooping of return packets.
paul at xelerance.com
Wed Jan 19 14:13:03 CET 2005
On Wed, 19 Jan 2005, Vinod Chandran wrote:
[CC: to user dropped, MX records didn't work?]
> I am currently using super-freeswan 184.108.40.206 on Kernel 2.4.26.
That is *very* old.
> When the box is booting up, when I try to ping from a node on the LAN side,
> at certain instances it doesnt work.
That all depends on how you load and/or start your connections, and when
> When I see the tcpdump I find that the ICMP request goes on eth0 interface ,
> while the ICMP reply goes on to the ipsec0 interface. Since there was no
> tunnel configured, the packet gets dropped.
Why would a packet hit ipsec0 without a configured tunnel? There has to be
some routing changes that happened to cause the packet to hit an ipsec device.
> In the known problems section for Kernel 2.6, I found one known issue pretty
> similar to this:
That' has to do with OE and 2.6 kernels, and has nothing to do with what
you are describing. Superfreeswan has no 'policy files'.
More information about the Users