NAT before IPSEC - reply packets stuck at enc0
Andrey V. Elsukov
bu7cher at yandex.ru
Mon Jul 24 11:30:12 UTC 2017
On 24.07.2017 14:18, Andrey V. Elsukov wrote:
> According your tcpdump output, you need to set
> net.enc.out.ipsec_filter_mask=2
>
Sorry, this should be
net.enc.in.ipsec_filter_mask=2
--
WBR, Andrey V. Elsukov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20170724/ef744ce0/attachment.sig>
More information about the freebsd-net
mailing list