[Openswan Users] Problem with networking traffic past the tunnel
Paul Wouters
paul at xelerance.com
Wed Nov 4 04:15:41 EST 2009
On Tue, 3 Nov 2009, Jay Smith wrote:
> ---------------------------
> Checking your system to see if IPsec got installed and started correctly:
> Version check and ipsec on-path [OK]
> Linux Openswan U2.6.16/K2.6.27.19-5-pae (netkey)
> Checking for IPsec support in kernel [OK]
> NETKEY detected, testing for disabled ICMP send_redirects [FAILED]
>
> Please disable /proc/sys/net/ipv4/conf/*/send_redirects
> or NETKEY will cause the sending of bogus ICMP redirects!
>
> NETKEY detected, testing for disabled ICMP accept_redirects [FAILED]
>
> Please disable /proc/sys/net/ipv4/conf/*/accept_redirects
> or NETKEY will accept bogus ICMP redirects!
If using 1 interface for incoming and outgoing packets, this needs to
be fixed. See /etc/ipsec.d/examples/sysctl.conf
Paul
More information about the Users
mailing list