[Openswan Users] Drooping of return packets.

Paul Wouters paul at xelerance.com
Wed Jan 19 14:13:03 CET 2005

On Wed, 19 Jan 2005, Vinod Chandran wrote:

[CC: to user dropped, MX records didn't work?]
> I am currently using super-freeswan on Kernel 2.4.26.

That is *very* old.

> When the box is booting up, when I try to ping from a node on the LAN side, 
> at certain instances it doesnt work.

That all depends on how you load and/or start your connections, and when
openswan starts.

> When I see the tcpdump I find that the ICMP request goes on eth0 interface , 
> while the ICMP reply goes on to the ipsec0 interface. Since there was no 
> tunnel configured, the packet gets dropped.

Why would a packet hit ipsec0 without a configured tunnel? There has to be
some routing changes that happened to cause the packet to hit an ipsec device.

> In the known problems section for Kernel 2.6, I found one known issue pretty 
> similar to this:

That' has to do with OE and 2.6 kernels, and has nothing to do with what
you are describing. Superfreeswan has no 'policy files'.


More information about the Users mailing list