From owner-freebsd-security  Mon Dec 10 20:43: 4 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mine.kame.net (kame195.kame.net [203.178.141.195])
	by hub.freebsd.org (Postfix) with ESMTP id 6D54137B41B
	for <security@FreeBSD.org>; Mon, 10 Dec 2001 20:43:02 -0800 (PST)
Received: from localhost ([3ffe:507:1ff:2:49a3:7b82:d1ce:da93])
	by mine.kame.net (8.11.1/3.7W) with ESMTP id fBB4bNS28495;
	Tue, 11 Dec 2001 13:37:24 +0900 (JST)
To: roam@ringlet.net
Cc: security@FreeBSD.org
Subject: Re: IPsec tunnel (manual keying) configuration problem
In-Reply-To: Your message of "Fri, 23 Nov 2001 20:44:44 +0200"
	<20011123204444.A1304@straylight.oblivion.bg>
References: <20011123204444.A1304@straylight.oblivion.bg>
X-Mailer: Cue version 0.6 (011026-1440/sakane)
Mime-Version: 1.0
Content-Type: Text/Plain; charset=us-ascii
Message-Id: <20011211134252T.sakane@kame.net>
Date: Tue, 11 Dec 2001 13:42:52 +0900
From: Shoichi Sakane <sakane@kame.net>
X-Dispatcher: imput version 20000228(IM140)
Lines: 7
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

> The way I read those logs, vn and portal forward packets to other hosts
> just fine.  However, when a packet arrives for the endpoints themselves,
> it somehow does not reach the TCP stack or something - at least it does not
> reach the part where the handshake SYN's and ACK's are processed.

have you solved your problem? if not, check the output "netstat -s".
i think there are some errors in the stat of ipsec.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message