Hello Julie,
> Hi All, > > > I'm getting the following behavior on bering 2.3. I just rebooted my > firewall (which was working beautifully) and now I'm having problems with > my windows VPN. Here's what I get..... > >> Pinging xxxx [192.168.0.13] with 32 bytes of data: >> >> >> Negotiating IP Security. >> Negotiating IP Security. >> Negotiating IP Security. >> Negotiating IP Security. >> >> >> Ping statistics for 192.168.0.13: >> Packets: Sent = 4, Received = 0, Lost = 4 (100% loss), >> Approximate round trip times in milli-seconds: >> Minimum = 0ms, Maximum = 0ms, Average = 0ms >> >> >> C:\Documents and Settings\Julie S. Lin>ping xxxx >> >> >> Pinging buzz [192.168.0.13] with 32 bytes of data: >> >> >> Reply from 192.168.0.13: bytes=32 time=20ms TTL=63 >> Reply from 192.168.0.13: bytes=32 time=20ms TTL=63 >> Request timed out. >> Request timed out. >> >> >> >> > When I did restart the ipsec, I saw that it was complaining about KLIPS > > > ipsec_setup: Using /lib/modules/ipsec.o > ipsec_setup: WARNING: eth0 has route filtering turned on, KLIPS may not > work ipsec_setup: (/proc/sys/net/ipv4/conf/eth0/rp_filter = `1', should be > 0) > > > so I did echo 0 > /proc/sys/net/ipv4/conf/ipsec0/rp_filter (since it's > recommended both are set to 0) echo 0 > > /proc/sys/net/ipv4/conf/eth0/rp_filter > > > I'm planning on checking this at home tonight, however, I'm just curious > if anyone has seen this kind of behavior before, and if it is indicative of > a semi-functioning KLIPS? It's odd since ipsec barf shows the tunnel > established. Any info or comments/feedback would be greatly appreciated. > If rp_filter is enabled you will see this behavior, AFAIK most of the times it's harmless. But you can disable rp_filter in: lrcfg -> 1) network configuration -> 2) network options file and set spoofprotect=no After that backup etc.lrp > --jsl > Eric > > > > > ------------------------------------------------------- > This SF.net email is sponsored by: Splunk Inc. Do you grep through log > files for problems? Stop! Download the new AJAX search engine that makes > searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! > http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 > ------------------------------------------------------------------------ > leaf-user mailing list: leaf-user@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/leaf-user > Support Request -- http://leaf-project.org/ > > ------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: leaf-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
