[Openswan Users] Problem with networking traffic past the tunnel

Jay Smith me at jayftw.com
Wed Nov 4 08:03:23 EST 2009

    Okay, I do not see an examples folder. Where else can that sysctl.conf
file be? To give you more info: We are indeed using 1 interface. This device
also serves as the gateway for the network. It serves as our DHCP system and
router. It does not serve DNS services though, the Domain Controller does.
Not sure if that additional info helps at all or not.



On Wed, Nov 4, 2009 at 3:15 AM, Paul Wouters <paul at xelerance.com> wrote:

> On Tue, 3 Nov 2009, Jay Smith wrote:
>  ---------------------------
>> Checking your system to see if IPsec got installed and started correctly:
>> Version check and ipsec on-path                                 [OK]
>> Linux Openswan U2.6.16/K2.6.27.19-5-pae (netkey)
>> Checking for IPsec support in kernel                            [OK]
>> NETKEY detected, testing for disabled ICMP send_redirects       [FAILED]
>>   Please disable /proc/sys/net/ipv4/conf/*/send_redirects
>>   or NETKEY will cause the sending of bogus ICMP redirects!
>> NETKEY detected, testing for disabled ICMP accept_redirects     [FAILED]
>>   Please disable /proc/sys/net/ipv4/conf/*/accept_redirects
>>   or NETKEY will accept bogus ICMP redirects!
> If using 1 interface for incoming and outgoing packets, this needs to
> be fixed. See /etc/ipsec.d/examples/sysctl.conf
> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20091104/1e4f8ab6/attachment.html 

More information about the Users mailing list