[Swan] Problem libreswan IPsec PSK
Paul Wouters
paul at nohats.ca
Sat Sep 15 19:12:37 UTC 2018
On Fri, 14 Sep 2018, Bruno de Oliveira Bastos wrote:
> Hi, i have a problem with CentOS 7.5 VPN. I have a tunnel established on both side. But when i sent a package from one site do other side, the package ESP return but
> dont work. I remove the all iptables rules, the ip xfrm policy its ok. Someone one can help ?
There could be firewall rules blocking things like proto 50 on your
management console (eg if using a clound instance).
Also check "ipsec verify" for errors?
And you can run ipsec whack --trafficstatus to see if any packet ever
is encrypted on the way out and decrypted on the way in by the non-zero
packet counters.
Paul
More information about the Swan
mailing list