On Fri, 3 Feb 2023, [email protected] wrote:
Double checked this, rp_filter is disabled on all interfaces and ipv4 forwarding is enabled. I use "nftables" on both ends and have double checked to rules to ensure packets from both these sites have bi-directional traffic enabled. In fact to rule out nftables, I flushed all rules at both ends briefly for a min and tried to reach each other, but there's no change in status.
Then you need to do network captures to see if the packets are in fact making it to the machine or not. If they are, double check /proc/net/xfrm_stat for non-zero entries indicating problems. _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
