IPSEC stop works after r285336
Alexandr Krivulya
shuriku at shurik.kiev.ua
Fri Jul 24 12:11:13 UTC 2015
24.07.2015 13:19, Andrey V. Elsukov пишет:
> On 23.07.2015 10:38, Alexandr Krivulya wrote:
>> I have IPSEC tunnel inside l2tp tunnel via mpd. After r285536 I see only
>> outgoing esp packets on ng interface:
> What FreeBSD version do you use?
> Please check https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192774
> and your security policies configuration.
>
I think it is not my situation.
I'm using latest CURRENT r285833 with rules:
root at thinkpad:/usr/src # setkey -DP
0.0.0.0/0[any] 10.10.10.2[any] any
in ipsec
esp/tunnel/10.10.10.1-10.10.10.2/require
spid=3 seq=1 pid=14609
refcnt=1
10.10.10.2[any] 0.0.0.0/0[any] any
out ipsec
esp/tunnel/10.10.10.2-10.10.10.1/require
spid=4 seq=0 pid=14609
refcnt=1
In that bug L2TP use IPSEC in transport mode, but in my scenario IPSEC
in tunnel mode inside L2TP. And it works fine prior to r285536.
More information about the freebsd-current
mailing list