[Openswan Users] Ping Forwarding packet problem

pzlist pzlist at mp.pl
Fri Sep 1 06:12:37 EDT 2006


Is anybody who use 2.6.17 for openswan host to net configuration?
Any bug in kernel ?

how should looks ip xfrm policy? routing?
(I have one rule for ip xfrm policy, routing to destination_ip via my 
router_ip)

ip xfrm monitor shows me
Unknown message: 00000096 0x0000001e 0x00000000

ip_contrack shows me connection as UNREPLIED

I cannot see packets in FORWARD chain ...


Thanks for any help

Pawel



[pzlist pzlist mp.pl ] users-bounces at openswan.org napisa?(a):
> Hi,
>
> after upgrading from 2.4.32 to 2.6.17  my ipsec doesn't work longer
>
> When I try to ping remote host -  I cannot see response (ipsec 
> connection is established)
>
> my tcpdump is able to see icmp reply from remote host - (but not icmp 
> request!)
>
> trace on my router inform me the that ESP packets lease my network  
> and responses (ESP) return to me
>
> my kernel settings:
> rp_filter = 0
> ip_forward = 1
> send_redirects = 0
> accept_redirects = 0
>
> what is wrong?
>
> Maybe someone can help me please....
>
>
> Pawel
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>   





More information about the Users mailing list