[Openswan Users] unencrypted l2tp packets
Paul Wouters
paul at xelerance.com
Mon Aug 21 10:22:20 EDT 2006
On Mon, 21 Aug 2006, Brett Curtis wrote:
> AllI see now in tcpdump is the following after a successful "IPsec SA
> established":
>
> 09:58:34.770542 IP rrcs-24-39-31-52.nys.biz.rr.com.47650 >
> server.myhost.net.ipsec-nat-t: UDP-encap: ESP(spi=0x5a111da5,seq=0x4), length
> 140
>
> until ipsec deletes the connection.
>
> I am thinking this is a kernel or firewall issues because both have changed..
> My related firewall rules. Ipsec is running on the firewall :
try disabling all of these rules and see if it works. If not, then run ipsec
verify and check the various /proc settings. Perhaps fiddle with the
external mtu set to 1472 and/or the internal mtu set to 1300.
Paul
--
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list