Subject: Re: IPSec w. IPv4 Wierdness
To: Michael Richardson <mcr@sandelman.ottawa.on.ca>
From: None <itojun@iijlab.net>
List: tech-net
Date: 01/03/2001 15:29:14
> I finally gave the newest racoon a whirl with the TimeStep PERMIT gateway
>at work. Phase 2, no problem... but I didn't get responses... the reason?
>Because I didn't use the right address on the inside of my tunnel.
> I need to use an address assigned to me by the PERMIT.
> Itojun, do you know what extension they implemented?
i do not remember. if you could gather full logs using:
% script /tmp/foo
% racoon -F -d 0xffffffff (run in foreground)
it may help.
also you need to supply more information about your setups...
are you using netbsd side as "mobile client outside of the firewall"?
netbsd creates tunnelled IPsec packet for itself?
(there could be pcb source address selection issues in that case...)
itojun@starbucks shinjuku, w/hpcmips