Izzi Izzy Blacklock wrote: > I've been fighting through a problem getting my openswan connections > working correctly under bering uclibc version 3.0 beta 3. The symptoms > of the problem are that I can bring up the vpn, but I can't access the > other side. I found that if I didn't load shorewall, then the problem > went away, so I assumed it was a firewall problem. I later found that > if I restarted ipsec after a fresh boot, that things would work as > expected. > > I think I've tracked it down to ipsec loading before shorewall. I seem > to recall having this problem before, and came to the same conclusion. > When I check the /etc/rc2.d dir on my old router, I have the following: > > S41shorewall > S42ipsec > > The ipsec.lrp package has it as S21ipsec. Changing it to S42ipsec, > seems to solve the problem. The specific change is to modify > /etc/init.d/ipsec and change this line: > > RCDLINKS="0,K19 1,K19 2,S21 3,S21 4,S21 5,S21 6,K19" > > to > > RCDLINKS="0,K19 1,K19 2,S42 3,S42 4,S42 5,S42 6,K19" > > ...Izzy
The shorewall log should reveal the problem, possibly because it is blocking some IPSEC traffic. Are you absolutely certain you configured your ipsec stuff within shorewall correctly? cheers Erich ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user Support Request -- http://leaf-project.org/
