[Bug 221091] security/ike: iked fails to run after FreeBSD 11.1 upgrade (socket set udp-encap non-ike option failed)

bugzilla-noreply at freebsd.org bugzilla-noreply at freebsd.org
Thu Aug 3 11:02:41 UTC 2017


https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221091

--- Comment #4 from Andrey V. Elsukov <ae at FreeBSD.org> ---
(In reply to Darryn Nicol from comment #3)
> When I establish a tunnel I'm picking up an IP address on the remote LAN via
> DHCP. I can confirm this by checking the assigned IP on my tap0 device. But
> any attempt to use a network resource over the tunnel times out. I've
> noticed that trying to display a route with 'route get <ip>', even to a
> local lan address, takes about 44 seconds while connected to the tunnel, but
> less than a second when the tunnel is not established.

Use the '-n' flag to avoid name resolution.
There are several things that can help with further debugging:
1. Look at the output of `netstat -rn`
2. Look at the output of `setkey -D` and `setkey -DP`
3. Use tcpdump on the if_enc(4) interface to see what is going through IPsec.
4. Check your firewall rules.
