Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 23 May 2000 16:00:14 +0100
From:      Brian Somers <brian@Awfulhak.org>
To:        Josh Tiefenbach <josh@zipperup.org>
Cc:        Renaud Waldura <renaud@evolunet.com>, freebsd-net@FreeBSD.ORG, brian@hak.lan.Awfulhak.org
Subject:   Re: PPP dropping IPSec packets? 
Message-ID:  <200005231500.QAA03189@hak.lan.Awfulhak.org>
In-Reply-To: Message from Josh Tiefenbach <josh@zipperup.org>  of "Tue, 23 May 2000 10:24:07 EDT." <20000523102407.A52508@zipperup.org>
next in thread | previous in thread | raw e-mail | index | archive | help 
Do they get reported if you ``set log +tcp/ip'' ?  Also, please make 
sure you've got the very latest version of ppp (000523 from my web 
site or from people.freebsd.org/~brian) as I've just committed a 
forgotten patch that may be relevant (although I don't think it will 
be).

If the latest ppp code doesn't show the data in the logs, I'd suspect 
the problems in libalias....

> > I try to ping the remote end of the encrypted link, but the packets
> > never make it back to me. They do flow from tun1 to tun0 to eth0
> > to the telco router to ... to the remote site, _which_replies_ 
> > to my ICMP echo, but for some reason PPP drops the IPSec packets,
> > they never come back up to neither tun0 (tunnel interface opened
> > by ppp), nor to tun1 (tunnel opened by pipsecd).
> > 
> > But they *do* make it back to the Ethernet interface, they're
> > just not transmitted back to the tunnel tun0.
> 
> I had the *exact* same problem. 
> 
> You dont mention whether or not you are using NAT on your gateway box. I
> noticed that when I turned off ppp's NAT facility that the pipsecd tunnel
> automagically started to work.
> 
> I havent had the chance to delve any further, but it would appear that either
> ppp or libalias has some problems trying to map ESP packets.
> 
> josh
> 
> -- 
> "Just because we know the value of G won't make better cell phones"
>                                                             -- Jens Gundlach

-- 
Brian <brian@Awfulhak.org>                        <brian@[uk.]FreeBSD.org>
      <http://www.Awfulhak.org>;                   <brian@[uk.]OpenBSD.org>
Don't _EVER_ lose your sense of humour !




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200005231500.QAA03189>