I can confirm this as a serious bug. Rafal's patch shows exactly where
the problem is.
In tunnel mode the FWD policy has to be added in addition to the IN
policy as suggested here:
http://www.ipsec-howto.org/x304.html
And here (patch for racoon):
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=292850
So the patch from Rafal should be modified in a way that a third policy
- the FWD policy - should be added instead of only replacing the IN
policy in case of the tunnel mode.
As a workaround you can manually duplicate the "in" policy
configuration, replace the word "in" by "fwd" for the direction and add
the new third fwd policy by using the command line tool "setkey".
(See e.g. http://www.ipsec-howto.org/x304.html for how to do that.)
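The workaround described in the message above, as an added example (not part of the original message or of any patch it refers to): a small script that reads a setkey configuration and prints the "fwd" statement for each tunnel-mode "in" policy that does not already have one. The function names `sample_conf` and `gen_fwd` are hypothetical and the sample configuration with its addresses is constructed.

```shell
#!/bin/sh
# Added example: derive the missing "fwd" policies from the tunnel-mode
# "in" policies of a setkey configuration. Function names are hypothetical.

# Constructed sample configuration (documentation-range addresses).
sample_conf() {
cat <<'EOF'
#!/usr/sbin/setkey -f
flush;
spdflush;
spdadd 192.168.1.0/24 192.168.2.0/24 any -P out ipsec
        esp/tunnel/203.0.113.1-203.0.113.2/require;
spdadd 192.168.2.0/24 192.168.1.0/24 any -P in ipsec
        esp/tunnel/203.0.113.2-203.0.113.1/require;
spdadd 10.0.0.1 10.0.0.2 any -P in ipsec esp/transport//require;
EOF
}

# Read a setkey configuration on stdin and print one "fwd" spdadd statement
# for every tunnel-mode "in" policy that has no "fwd" twin yet.
gen_fwd() {
    sed 's/#.*//' | awk 'BEGIN { RS = ";" }   # setkey statements end in ";"
    {
        # Collapse a multi-line statement into one space-separated line.
        gsub(/[ \t\n]+/, " "); sub(/^ /, ""); sub(/ $/, "")
        if ($1 != "spdadd") next
        pos = 0
        for (i = 2; i < NF; i++) if ($i == "-P") pos = i + 1
        if (pos == 0) next
        key = $2 " " $3 " " $4     # source range, destination range, protocol
        if ($pos == "fwd") have[key] = 1
        # The workaround concerns tunnel mode; transport-mode policies are skipped.
        if ($pos == "in" && $0 ~ /\/tunnel\//) {
            $pos = "fwd"
            n++; stmt[n] = $0 ";"; keys[n] = key
        }
    }
    END { for (i = 1; i <= n; i++) if (!(keys[i] in have)) print stmt[i] }'
}

# Print the statements to add for the sample configuration.
sample_conf | gen_fwd
```

The printed statements can be reviewed and then loaded with `setkey -c`, which reads operations from standard input.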