multiple if_ipsec
Andrey V. Elsukov
bu7cher at yandex.ru
Mon Apr 23 11:15:03 UTC 2018
On 21.04.2018 19:16, Victor Gamov wrote:
> When I change ipsec-interfaces creation order then only last created
> interface worked fine again and previously configured interfaces does
> not work.
>
>
> And very interesting fact: when I ping from remote 10.10.98.5 for
> example to FreeBSD 10.10.98.6 then no ICMP-request coming over
> ipsec-interface but ICMP-reply outgoing via this ipsec-interface (but
> not delivered to 10.10.98.5)
>
>
> Any ideas?
I'm lack of any ideas. For further debugging I need to see the output of
# sysctl net. | grep ipsec
# setkey -DP
# setkey -D
# ifconfig
And probably racoon's logs.
--
WBR, Andrey V. Elsukov
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 553 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20180423/acbd9473/attachment.sig>
More information about the freebsd-net
mailing list