[Openswan Users] KLIPS on CentOS 5.1

Sergio Cioban Filho cioban at gmail.com
Tue Dec 2 05:44:03 EST 2008


Hi David,

I don't know if I'm using KLIPS+ALG support. How I do to check this?
In my testing my tunnel is also up fine, but can't receive packets from the
remote end. TX error count is increased in local ipsec0 interface when i try
sent packets to remote end.


Thanks,
Regards,
---
Sérgio Cioban Filho - LPIC1
------------------------------------------------------------
| Linux - Servidores - Firewall - VPN
| Virtualização - VoIP - ShellScript - C - PHP
| http://cioban.googlepages.com
| +55 48 9989-8733
------------------------------------------------------------
..:: Seja livre, use LiNuX!! ::..


On Mon, Dec 1, 2008 at 9:01 PM, David McCullough <
David_Mccullough at securecomputing.com> wrote:

>
> Jivin Paul Wouters lays it down ...
> > On Mon, 1 Dec 2008, Sergio Cioban Filho wrote:
> >
> > > Thanks for yor answer.
> > > I've tried to use version 2.6.19, but same error has ocurred.
> > > The SELinux has disabled.
> > > The output of ipsec barf is attached.
> >
> > I don't see anything wrong. Are you using ping -I ? since you did not
> > add leftsourceip= and rightsourceip= ?
>
> I am looking at a problem in this area.
>
> Are you using KLIPS + ALG support ?
>
> In my testing the tunnel is up fine, can receive packets from the
> remote end ok, but if you turn on debug at the remote end the packets being
> by KLIPS+ALG are not healthy.
>
> Can you check packets coming the other way ?
>
> Cheers,
> Davidm
>
> --
> David McCullough,  david_mccullough at securecomputing.com,   Ph:+61
> 734352815
> Secure Computing - SnapGear  http://www.uCdot.org
> http://www.snapgear.com
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20081202/027c9456/attachment.html 


More information about the Users mailing list