Re: VPN Routing Issues
From: Shane Almeida (almeida.spam.is.evil_at_spam.is.evil.mindless.com)
Date: 11/16/05
- Previous message: Dave Uhring: "Re: binary upgrade 3.7 to 3.8"
- In reply to: Shane Almeida: "VPN Routing Issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Wed, 16 Nov 2005 10:31:27 -0600
On Tue, 15 Nov 2005 18:05:22 -0600, Shane Almeida wrote:
> I had a VPN set up with automatic keying between two OpenBSD machines, one
> running 3.7 and the other a snapshot of 3.7-current from June. The setup
> was basically lifted from the vpn(8) man page and it worked fine. I just
> upgraded the 3.7-current machine to 3.8, and now I'm having problems with
> my VPN. Nothing was changed on the other end (still running 3.7 with same
> config), and I copied all the old config files (isakmp and pf) to the new
> 3.8 end.
I should have looked at the logs on the other end more closely.
/var/log/daemon had messages things that led me to this thread:
http://marc.theaimsgroup.com/?t=113112672200006&r=1&w=2
It turns out the problem is the new NAT traversal feature of isakmpd in
3.8. Disabling that (with the -T switch) on the 3.8 side solved my
problems. I guess this was fixed in 3.7-stable too, so upgrading to
-stable on the other side would fix it too.
- Previous message: Dave Uhring: "Re: binary upgrade 3.7 to 3.8"
- In reply to: Shane Almeida: "VPN Routing Issues"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
