Re: [Swan] VTI issue to SRX unable to send traffic through the interface

On Wed, 1 Nov 2017, Paul Tran wrote: RP_filter is disabled but the ipsec verify shows the same message about disabling it still (rp_filter is not fully aware of IPsec and should be disabled). The "all" or "default" options only take effect on newly created interfaces. So either manually

[Swan-commit] Changes to ref refs/heads/master

New commits: commit 892fa8c15a7db860d2d834d6be767c0e6124e7f7 Author: Andrew Cagney Date: Fri Nov 10 10:46:15 2017 -0500 testing: add ikev1-impair-01-dup-incomming-packets When a machine is under load - taking time to get to each packet - the initator will

[Swan-commit] Changes to ref refs/heads/master

New commits: commit 04340e850cadd339dcf187815a73f3b5ea5be56e Author: Andrew Cagney Date: Fri Nov 10 10:12:58 2017 -0500 ikev1: when --impair dup-incoming-packets overwhelm the state with duplicates In tests, this will force the code capping re-transmits from

Re: [Swan] Forward of moderated message

In git master this is fixed. We will release 3.23 soon Sent from my iPhone > On Nov 10, 2017, at 18:35, Ivan Kuznetsov wrote: > > Hello > > Yes I hit the same problem with libreswan-3.22-2.el6_9.i686 rpm: > > [root@pine ipsec.d]# ipsec setup start > Redirecting to: service

Re: [Swan] Forward of moderated message

Hello Yes I hit the same problem with libreswan-3.22-2.el6_9.i686 rpm: [root@pine ipsec.d]# ipsec setup start Redirecting to: service ipsec start Starting pluto IKE daemon for IPsec: . [FAIL ] [root@pine init.d]# ipsec pluto --config /etc/ipsec.conf pluto: FATAL: unable to