[Openswan Users] Cannot get packets to pass
Ruben Laban
r.laban at ism.nl
Thu Feb 12 02:53:15 EST 2009
On Wednesday 11 February 2009 at 19:42 (CET), Scott Weis wrote:
> Hi,
>
> I have been beating my head against the wall for the last 24 hours trying
> to get a tunnel up between my Openswan Linux box and my Astaro firewall.
> Both ends show the tunnel as being up.
>
> If I do a tcpdump on ipsec0 on the Linux box I can see packets coming from
> the Astaro box to my local network. I also see replies from my network.
>
> If I do a tcpdump on the Astaro I see packet going to my network but never
> anything back.
>
> Running openswan 2.6.20
>
> Any ideas???
This seems to be yet another case of :
http://bugs.xelerance.com/view.php?id=985
This bug seems to hit more and more people every day now.
In short: with openswan 2.6.x + klips + recent kernel, decryption works,
encryption doesn't.
For the workarounds are downgrade either kernel (not sure how far exactly), or
downgrade openswan to 2.4.13.
HTH
--
Regards,
Ruben Laban
Systems and Network Administrator
ISM eCompany
More information about the Users
mailing list