netdev
[Top] [All Lists]

Re: (udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?

To: ahu@xxxxxxx (bert hubert)
Subject: Re: (udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?
From: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Date: Sat, 31 Jul 2004 17:50:05 +1000
Cc: jmorris@xxxxxxxxxx, netdev@xxxxxxxxxxx
In-reply-to: <20040730223808.GA12660@xxxxxxxxxxxxxxx>
Organization: Core
Sender: netdev-bounce@xxxxxxxxxxx
User-agent: tin/1.7.4-20040225 ("Benbecula") (UNIX) (Linux/2.4.26-1-686-smp (i686))
bert hubert <ahu@xxxxxxx> wrote:
> 
> The encoding looks fine but the receiving side does not appear to listen:
> 
> 00:34:09.491228 IP 192.168.1.4.4500 > 10.0.0.3.4500: UDP, length: 88
> 00:34:09.492290 IP 10.0.0.3 > 192.168.1.4: icmp 124: 10.0.0.3 udp port 4500
>        unreachable

You need to have someone open a socket on port 4500 and do the
appropriate setsockopt() on it.
 
> This is the setkey configuration I use on 10.0.0.3:

Any reason why you aren't using automatic keying?
-- 
Visit Openswan at http://www.openswan.org/
Email: Herbert Xu ~{PmV>HI~} <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt

<Prev in Thread] Current Thread [Next in Thread>