[Swan] Enabling ipsec disables normal ping functionality in openswan

Paul Wouters paul at nohats.ca
Fri May 3 13:19:15 UTC 2019

The problem you are seeing is local, and has nothing to do with the other end (unless some firewall rule only kicks in if there is no IPsec active)

Sent from mobile device

> On May 3, 2019, at 01:52, Madhan Raj <madhanrajrm at gmail.com> wrote:
> Thanks Paul,I am checking on that 
> Is it mandatory  to create ipsec policies on both the servers pointing each other?.
> Thanks,
> Madhan
>> On Thu, May 2, 2019 at 11:57 PM Paul Wouters <paul at nohats.ca> wrote:
>> On Thu, 2 May 2019, Madhan Raj wrote:
>> > we have upgraded our linux  machine from Red Hat Enterprise Linux Server release 6.2 (Santiago)(openswan-2.6.32-27.4.el6_5.x86_64)  to  6.6 (Santiago) (openswan-2.6.32-37.el6.x86_64).
>> > I have an ipsec policies   configured between 2 different servers and ipsec  status showed me that it is loaded and working fine.
>> > 
>> > As soon as we  upgrade the servers to 6.6 ipsec  policies are loaded sucessfully in ipsec status command but somehow normal network pings are failing with below error :- 
>> > ping: sendmsg: Operation not permitted
>> That looks like a firewall rule or possibly selinux policy preventing a
>> ping?
>> Just confirm with "ipsec trafficstatus" that your tunnel is up?
>> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20190503/d58583cd/attachment.html>

More information about the Swan mailing list