[ProgSoc] Getting ipsec-tools to work between Ubuntu Lucid hosts

Nigel Sheridan-Smith wtfiwtz at gmail.com
Fri Jul 29 08:25:55 EST 2011


On Fri, Jul 29, 2011 at 8:15 AM, Nigel Sheridan-Smith <wtfiwtz at gmail.com> wrote:

>
>
> On Fri, Jul 29, 2011 at 8:08 AM, Nigel Sheridan-Smith <wtfiwtz at gmail.com> wrote:
>
>>
>> Could be MSS / MTU related, if small packets get through, but large ones
>> do not...
>>
>> http://en.wikipedia.org/wiki/Maximum_segment_size
>> http://en.wikipedia.org/wiki/Maximum_transmission_unit
>>
>>
>>
> What interfaces are present? ifconfig -a?
>
> Tunnels like this should normally start a new interface... sorry I've not
> used IPSec on Linux specifically, so I'm not 100% sure what you should see.
>
>
Okay, I'm probably confusing you more... you are using transport mode, not
tunnel mode. Tunnel mode is likely to introduce new network interfaces and
alter the route table, whereas transport mode probably doesn't need this
since the decision would be made in the kernel.

I don't think the transport is working, because you should see unencrypted
packets in tcpdump on each end.

This page below has a bit more detail, although still no specifics on
diagnosis.

http://lartc.org/howto/lartc.ipsec.html#LARTC.IPSEC.INTRO

Cheers,

Nigel