Date: Fri, 24 Jul 2015 15:10:58 +0300
From: Alexandr Krivulya <shuriku@shurik.kiev.ua>
To: "Andrey V. Elsukov" <ae@FreeBSD.org>, FreeBSD CURRENT <freebsd-current@freebsd.org>
Subject: Re: IPSEC stop works after r285336
Message-ID: <55B22B52.9030402@shurik.kiev.ua>
In-Reply-To: <55B21124.9020802@FreeBSD.org>
References: <55B099F6.8000004@shurik.kiev.ua> <55B21124.9020802@FreeBSD.org>

24.07.2015 13:19, Andrey V. Elsukov wrote:
> On 23.07.2015 10:38, Alexandr Krivulya wrote:
>> I have IPSEC tunnel inside l2tp tunnel via mpd. After r285536 I see only
>> outgoing esp packets on ng interface:
> What FreeBSD version do you use?
> Please check https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=192774
> and your security policies configuration.
>

I think it is not my situation. I'm using the latest CURRENT r285833 with rules:

root@thinkpad:/usr/src # setkey -DP
0.0.0.0/0[any] 10.10.10.2[any] any
        in ipsec
        esp/tunnel/10.10.10.1-10.10.10.2/require
        spid=3 seq=1 pid=14609
        refcnt=1
10.10.10.2[any] 0.0.0.0/0[any] any
        out ipsec
        esp/tunnel/10.10.10.2-10.10.10.1/require
        spid=4 seq=0 pid=14609
        refcnt=1

In that bug L2TP uses IPSEC in transport mode, but in my scenario IPSEC is in
tunnel mode inside L2TP. And it worked fine prior to r285536.