From: Andreas Steffen (andreas.steffen_at_strongsec.net)
Date: Sat Jan 04 2003 - 20:31:49 CET
It could be that the linksys router cannot handle IP fragments.
As a workarount try to reduce the size of the X.509 certificates
Regards
Andreas
Andrew Longstreet wrote:
> IPSec passthru is enabled on the linksys router.
>
> Also, a dump on eth0 of the FreeSWAN gate reveals messages like
>
>
> 18:16:51.839471 xxx.xxx.xxx.xxx.isakmp > mygate.on.ca.isakmp: isakmp:
> phase 1 ? ident[E]: [|id] (frag 14113:1376_at_0+)
> 18:16:51.847372 xxx.xxx.xxx.xxx > mygate.on.ca: (frag 14113:348_at_1376)
>
>
>
>
>
-- ====================================================================== Andreas Steffen e-mail: andreas.steffen_at_strongsec.com strongSec GmbH phone: +41 76 340 25 56 Alter Zürichweg 20 home: http://www.strongsec.com CH-8952 Schlieren (Switzerland) ==========================================[strong internet security]== _______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users
This archive was generated by hypermail 2.1.5 : Sun Jan 05 2003 - 05:21:07 CET