I've got really simple transport mode IPSec setup between two hosts: [ipsec.conf] ike ah transport from 128.164.144.144 to 128.164.159.159 main auth hmac-sha2-256 group modp1536 quick group modp1536
Though traceroute from one host to the other fails at the gateway, despite the gateway responding, 128.164.144.189 > dns1: icmp: time exceeded in-transit [tos 0xc0] (ttl 255, id 12234, len 56) traceroute to dns2 (128.164.159.159), 64 hops max, 40 byte packets 1 * * * 2 dns2 (128.164.159.159) 0.752 ms 0.648 ms 0.604 ms Is there anything I could be doing differently so that the traceroute works?
