[Openswan Users] Cannot get packets to pass
Scott Weis
kb2ear at kb2ear.net
Thu Feb 12 14:25:21 EST 2009
Downgrading to 2.4.13 fixed the problem.
Thanks
-----Original Message-----
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of Ruben Laban
Sent: Thursday, February 12, 2009 2:53 AM
To: users at openswan.org
Subject: Re: [Openswan Users] Cannot get packets to pass
On Wednesday 11 February 2009 at 19:42 (CET), Scott Weis wrote:
> Hi,
>
> I have been beating my head against the wall for the last 24 hours trying
> to get a tunnel up between my Openswan Linux box and my Astaro firewall.
> Both ends show the tunnel as being up.
>
> If I do a tcpdump on ipsec0 on the Linux box I can see packets coming from
> the Astaro box to my local network. I also see replies from my network.
>
> If I do a tcpdump on the Astaro I see packet going to my network but never
> anything back.
>
> Running openswan 2.6.20
>
> Any ideas???
This seems to be yet another case of :
http://bugs.xelerance.com/view.php?id=985
This bug seems to hit more and more people every day now.
In short: with openswan 2.6.x + klips + recent kernel, decryption works,
encryption doesn't.
For the workarounds are downgrade either kernel (not sure how far exactly),
or
downgrade openswan to 2.4.13.
HTH
--
Regards,
Ruben Laban
Systems and Network Administrator
ISM eCompany
_______________________________________________
Users at openswan.org
http://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
More information about the Users
mailing list