Paul Wouters wrote:
> On Thu, 4 Jul 2002, Jimmy Nordstrom wrote:
>
>
>>im out of ideas
>
>
> Some things I notice, maybe it will help?
>
> I see lvm-mod is loaded. Isn't that the LinuxVirtualServer stuff? If so,
> that module does it own juggling and NATlike things. Try to disable that
> and see if it helps? (Though I'm running LVS and Freeswan on a single
> box as well, just no private IP space on that machine)
> I'm also not sure if you're running a X509 enabled and standard freeswan
> connection, with the X509 not being configured with its own certificate.
> That's known to give problems as well.
Without a certificate in /etc/x509cert.der there is nothing to fear from
X.509 enabled FreeS/WAN. It will not send any certificate request payloads.
> You can try to unload some more kernel modules, such as all the NAT and
> the ipv6 modules.
>
> Also, can you post the other ends ipsec.barf?
>
> Finally, you ARE testing from a 10.* machine right? Because the subnet-subnet
> conn does NOT include the security gateway itself.
>
> Just some thoughts, hope it helps.
>
> Paul
Andreas
======================================================================
Andreas Steffen e-mail: andreas.steffen_at_strongsec.com
strongSec GmbH phone: +41 76 340 25 56
Alter Zürichweg 20 home: http://www.strongsec.com
CH-8952 Schlieren (Switzerland)
==========================================[strong internet security]==
_______________________________________________
Users mailing list
Users_at_lists.freeswan.org
http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:18 CEST