https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=202667
Bug ID: 202667
Summary: ipsec broken on i386
Product: Base System
Version: 10.2-STABLE
Hardware: i386
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: kern
Assignee: [email protected]
Reporter: [email protected]
I'm using NanoBSD for branch office routers, I have like dozens of these. I'm
using gre+ipsec to create a corporate VPN. After upgrade to r285595 ipsec
stopped working. Symptoms:
- SP are installed
- SA are installed (ipsec-tools are used)
- scheme is as follows:
(A, FreeBSD) <=========ipsec/gre========> (B, nanobsd)
B sends icmp via tunnel to A. A sees ipsec packets, successfully decrypts them
and replies. B sees ipsec packets (correct SPIs and stuff) but sees nothing on
the tunnel interface.
The most interesting part is that A also runs same release as B, but on amd64.
I've upgraded both systems to r286954, to resolve recent netstat issue, and,
since it was related to i386 and ipsec somehow, to see if that would help - it
didn't.
When I disable ipsec (flush the SA and SP's for that particular tunnel on A and
B) the tunnel begins to work.
--
You are receiving this mail because:
You are the assignee for the bug.
_______________________________________________
[email protected] mailing list
https://lists.freebsd.org/mailman/listinfo/freebsd-bugs
To unsubscribe, send any mail to "[email protected]"
