[Openswan Users] SSH freezes, openswan to Stonegate

simon charles charlessimon at hotmail.com
Mon Mar 23 11:22:40 EDT 2009 

Hi !
    Check your mtu settings - i would recommend a setting of  "< 1400".
      Thanks !

- Simon Charles - 




> From: ataraxia_72 at hotmail.com
> To: users at openswan.org
> Date: Mon, 23 Mar 2009 06:59:20 -0700
> Subject: [Openswan Users] SSH freezes, openswan to Stonegate
> 
> 
> Hello all,
> 
> We have an IPsec tunnel between a Linux box (Ubuntu Hardy) and a Stonegate firewall. We can ssh through the tunnel, but once we have a working shell, it freezes after some 8 commands. It seems to be data-volume-related, since a 'top' command freezes it immediately.
> 
> Here's my Openswan config:
> 
> conn tresm-knx
>     auth=esp
>     auto=start
>     authby=secret
>     type=tunnel
>     keyexchange=ike
>     pfs=no
>     left=ubuntu.public.ip.address
>     leftsubnet=192.168.131.0/24
>     right=stonegate.public.ip.address
>     rightsubnet=10.154.200.0/24
>     keyingtries=0
> 
> The Linux box has Shorewall 4, but it freezes even if shorewall is stopped
> 
> Is there a setting I am missing that allows for a fluid data stream? Or the other way around, something I have is preventing the data from flowing?
> 
> I have the Stonegate side set to no compression, however I do not know if Openswan, in absence of a declared setting, takes a default configuration that may be conflicting with the tunnel's operation.
> 
> All and any help with this issue is greatly appreciated.
> 
> 
> 
> _________________________________________________________________
> Get quick access to your favorite MSN content with Internet Explorer 8. 
> http://ie8.msn.com/microsoft/internet-explorer-8/en-us/ie8.aspx?ocid=B037MSN55C0701A
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan: 
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090323/94ef0a1a/attachment.html

More information about the Users mailing list