[Openswan Users] Strange problem after updating from kernel 2.6.8 to 2.6.18

Balázs Bárány bb at apc.ag
Mon Dec 10 05:41:11 EST 2007


I have a very strange problem with Openswan. 

I upgraded my server from Debian Sarge to Debian Etch, so the kernel got
upgraded from 2.6.8 to 2.6.18 and Openswan to 2.4.6. 

But IPSEC simply stopped working. Everything is reported as OK, the SAs are
there, routes correct, everything. However, not data go through the tunnel. 

Only rebooting to 2.6.8 helps. With that, everything works perfectly. (I'd
like to use the new functions of 2.6.18, so this is not a perfect solution.)

I'm very sure that it isn't a firewall problem. I let through all IPSEC
packets using iptables "-m policy --pol ipsec" and got matches in "iptables
-L -n -v", so the packets should be accepted by the firewall. Also, all my
chains have a LOG target at the end so I should notice if the packets get

Any ideas what could be wrong?

Balázs Bárány
Information Services Development
apc interactive solutions AG
Brigittenauer Lände 50-54/1, 2.OG
A-1200 Wien

More information about the Users mailing list