Date: Tue, 23 May 2000 10:24:07 -0400 From: Josh Tiefenbach <josh@zipperup.org> To: Renaud Waldura <renaud@evolunet.com> Cc: freebsd-net@freebsd.org Subject: Re: PPP dropping IPSec packets? Message-ID: <20000523102407.A52508@zipperup.org> In-Reply-To: <200005222215.AAA26890@guppy.evolunet.com> References: <200005222215.AAA26890@guppy.evolunet.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> I try to ping the remote end of the encrypted link, but the packets
> never make it back to me. They do flow from tun1 to tun0 to eth0
> to the telco router to ... to the remote site, _which_replies_
> to my ICMP echo, but for some reason PPP drops the IPSec packets,
> they never come back up to neither tun0 (tunnel interface opened
> by ppp), nor to tun1 (tunnel opened by pipsecd).
>
> But they *do* make it back to the Ethernet interface, they're
> just not transmitted back to the tunnel tun0.
I had the *exact* same problem.
You dont mention whether or not you are using NAT on your gateway box. I
noticed that when I turned off ppp's NAT facility that the pipsecd tunnel
automagically started to work.
I havent had the chance to delve any further, but it would appear that either
ppp or libalias has some problems trying to map ESP packets.
josh
--
"Just because we know the value of G won't make better cell phones"
-- Jens Gundlach
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000523102407.A52508>