[Cialug] IPSec Routing & Evil NETKEY
Jonathan C. Bailey
jbailey at co.marshall.ia.us
Sat Nov 20 21:43:00 CST 2010
Yup... I've got the following in sysctl.conf:
net.ipv4.ip_forward=1
net.ipv4.conf.default.rp_filter = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv4.conf.default.send_redirects = 0
net.ipv4.icmp_ignore_bogus_error_responses = 1
net.ipv4.conf.default.log_martians = 0
----- Original Message -----
From: "Zachary Kotlarek" <zach at kotlarek.com>
To: "Central Iowa Linux Users Group" <cialug at cialug.org>
Sent: Saturday, November 20, 2010 9:25:10 PM
Subject: Re: [Cialug] IPSec Routing & Evil NETKEY
On Nov 20, 2010, at 9:10 PM, Jonathan C. Bailey wrote:
> Based on the captures I'm have, it seems that the traffic is being successfully decrypted on eth1, but then it just goes "nowhere". I can't seem to find *anything* that would indicate how to move this decrypted traffic out the correct interface, or do anything else with it..
>
> Anyone have some thoughts on this? About to go bald from pulling my hair out...
Is IP forwarding enabled? I often forget that bit when first setting up a router.
Zach
_______________________________________________
Cialug mailing list
Cialug at cialug.org
http://cialug.org/mailman/listinfo/cialug
More information about the Cialug
mailing list