Date: Tue, 03 May 2005 07:43:10 +1000 From: Matthew Sullivan <matthew@uq.edu.au> To: Andre Oppermann <andre@freebsd.org> Cc: freebsd-current@freebsd.org Subject: Re: DF (Don't frag) issues Message-ID: <42769EEE.3030309@uq.edu.au> In-Reply-To: <42767460.2040102@freebsd.org> References: <20050424150211.GA87520@walton.maths.tcd.ie> <426BC78A.3E56D99B@freebsd.org> <426C1600.106@uq.edu.au> <426D2307.97D15253@freebsd.org> <426D306B.7010000@freebsd.org> <426E0F5C.3F157398@freebsd.org> <4272AF49.1090400@uq.edu.au> <42763D42.BB3B5416@freebsd.org> <427643E2.4070008@uq.edu.au> <42764884.8070704@freebsd.org> <42764EC4.7030403@uq.edu.au> <42765153.3090409@freebsd.org> <42765479.4000101@uq.edu.au> <42767460.2040102@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Andre Oppermann wrote: > I'm at loss for an explanation. I've recreated approximatly the same > setup with the gif tunnel (but no IPSec) and it works just fine for me. > Getting correct MTU back and everything. > > What is your IPSec setup? Could it be that you do the IPSec on the IP > packet first before it goes into the gif tunnel instead of the other > way around? That may explain this behaviour. > You're quite welcome to take a look - this is the first time up for me with FreeBSD, ipf/ipfw/pf and VPNs - to date I have used iptables and FreeSWAN on Linux (settled on pf). Setup scripts for the tunnel are at: http://scorpion.sorbs.net/ICMP/ipsec-stealth.sh.txt (this is the VPN server) http://scorpion.sorbs.net/ICMP/ipsec-oblivion.sh.txt (this is my home machine where the mulitple nets are) Regards, -- Matthew Sullivan Specialist Systems Programmer Information Technology Services The University of Queensland
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42769EEE.3030309>