[Bug 248474] NAT broken on IPsec/VTI [if_ipsec]
bugzilla-noreply at freebsd.org
bugzilla-noreply at freebsd.org
Thu Aug 6 12:28:51 UTC 2020
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=248474
--- Comment #17 from Andrey V. Elsukov <ae at FreeBSD.org> ---
Did you tried disable if_enc's pfil handling?
% sysctl net.enc | grep filter
net.enc.out.ipsec_filter_mask: 0
net.enc.in.ipsec_filter_mask: 0
Also you can try enable filtertunnel variable
% sysctl net | grep filtertunnel
net.inet.ipsec.filtertunnel: 1
net.inet6.ipsec6.filtertunnel: 1
--
You are receiving this mail because:
You are the assignee for the bug.
More information about the freebsd-net
mailing list