> Well, then the obvious question is why pf sees a plain TCP packet, isn't
> it supposed to be ipsec encapsulated?
Good point. There are states for both esp and tcp. Ongoing session shows in
tcpdump as esp. So, it looks like I'll have to go searching in the isakmpd
config.
esp states are showin
On Mon, Aug 04, 2003 at 03:38:18PM +1000, Craig Barraclough wrote:
> *I'm running ipsec between the machines (same config as used with other boxes,
> with no connection breakage)
Well, then the obvious question is why pf sees a plain TCP packet, isn't
it supposed to be ipsec encapsulated?
Check
Hi All,
Just some more info to help:
*flags keyword is not used
*this can happen in the middle of my using a ssh session
*optimization is set to normal
*this is inside a LAN
*I'm running ipsec between the machines (same config as used with other boxes,
with no connection breakage)
*adpative timeou
On Mon, Aug 04, 2003 at 02:55:08PM +1000, Craig Barraclough wrote:
> Hi all,
> I've got a strange occurence with connection to one of my boxes, during ssh
> connections, I'll quite commonly have the connection freeze then drop, with
> an entry in pflog:
> Followed by a series of (13) resets:
Hi all,
I've got a strange occurence with connection to one of my boxes, during ssh
connections, I'll quite commonly have the connection freeze then drop, with
an entry in pflog:
Aug 04 14:46:53.753157 rule 5/0(match): block in on dc0: se.r.v.er.22 >
de.sk.to.p.25414: P 738304278:738304310(32) a
