Re: [Swan] VTI issue to SRX unable to send traffic through the interface

2017-11-10 Thread Paul Wouters
On Wed, 1 Nov 2017, Paul Tran wrote: RP_filter is disabled but the ipsec verify shows the same message about disabling it still (rp_filter is not fully aware of IPsec and should be disabled). The "all" or "default" options only take effect on newly created interfaces. So either manually

Re: [Swan] VTI issue to SRX unable to send traffic through the interface

2017-11-03 Thread Paul Tran
RP_filter is disabled but the ipsec verify shows the same message about disabling it still (rp_filter is not fully aware of IPsec and should be disabled).
cat /proc/sys/net/ipv4/conf/default/rp_filter
0
Checking rp_filter [ENABLED]

Re: [Swan] VTI issue to SRX unable to send traffic through the interface

2017-11-01 Thread Paul Wouters
On Wed, 1 Nov 2017, Paul Tran wrote: Thanks for looking at things. You mentioned I would need to have a "key" entry matching the mark number in your config (5). I am trying to find out how I would define that key entry in the config. I am reading https://libreswan.org/man/ipsec.conf.5.html

Re: [Swan] VTI issue to SRX unable to send traffic through the interface

2017-11-01 Thread Paul Tran
Thanks for looking at things. You mentioned I would need to have a "key" entry matching the mark number in your config (5). I am trying to find out how I would define that key entry in the config. I am reading https://libreswan.org/man/ipsec.conf.5.html and am not sure what I am missing. I also

Re: [Swan] VTI issue to SRX unable to send traffic through the interface

2017-11-01 Thread Paul Wouters
On Tue, 31 Oct 2017, Paul Tran wrote: VTI interfaces and ST interface on the SRX set to IPs on the 192.168.10.0/24 network. I have users sitting on 10.8.0.0/24 that I am trying to have use this tunnel that are connected off of the CentOS box. Ifconfig vti201: