I can confirm this as a serious bug. Rafal's patch shows exactly where
the problem is.
In tunnel mode the FWD policy has to be added in addition to the IN
policy as suggested here:
http://www.ipsec-howto.org/x304.html
And here (patch for racoon):
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug
Package: isakmpd
Version: 20041012-5
Severity: important
Tags: patch
IPsec implementation has been changed in Linux 2.6.10. All packets
intended to be forwarded need to go through flow configured
in IPSEC_DIR_FWD direction (instead of IPSEC_DIR_INBOUND).
The way isakmpd configures ip