Current-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: IPsec manual keying: Question on Interoperability

On Tue, Apr 15, 2008 at 04:02:24PM +0200, rsg wrote:
> I have tried to ping from Network A to B and vice versa. But I see no
> "echo-reply" meaning that only originated SA is there but nothing in
> return.

Please try to enable IPSec debugging on the NetBSD system with
"sysctl -w net.inet.ipsec.debug=1" and try to ping the remote end
afterwards. You should get kernel messages telling you what is
going wrong.

> When I tried SETKEY with on 2.6.X it works without any
> trouble(needless to say)

What do you mean by 2.6.X? Linux kernel 2.6.x?

        Kind regards

Matthias Scheler                        

Home | Main Index | Thread Index | Old Index