[Swan] Enabling ipsec disables normal ping functionality in openswan
Paul Wouters
paul at nohats.ca
Fri May 3 13:19:15 UTC 2019
The problem you are seeing is local, and has nothing to do with the other end (unless some firewall rule only kicks in if there is no IPsec active)
Sent from mobile device
> On May 3, 2019, at 01:52, Madhan Raj <madhanrajrm at gmail.com> wrote:
>
> Thanks Paul,I am checking on that
>
> Is it mandatory to create ipsec policies on both the servers pointing each other?.
>
> Thanks,
> Madhan
>
>> On Thu, May 2, 2019 at 11:57 PM Paul Wouters <paul at nohats.ca> wrote:
>> On Thu, 2 May 2019, Madhan Raj wrote:
>>
>> > we have upgraded our linux machine from Red Hat Enterprise Linux Server release 6.2 (Santiago)(openswan-2.6.32-27.4.el6_5.x86_64) to 6.6 (Santiago) (openswan-2.6.32-37.el6.x86_64).
>> > I have an ipsec policies configured between 2 different servers and ipsec status showed me that it is loaded and working fine.
>> >
>> > As soon as we upgrade the servers to 6.6 ipsec policies are loaded sucessfully in ipsec status command but somehow normal network pings are failing with below error :-
>> > ping: sendmsg: Operation not permitted
>>
>> That looks like a firewall rule or possibly selinux policy preventing a
>> ping?
>>
>> Just confirm with "ipsec trafficstatus" that your tunnel is up?
>>
>> Paul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20190503/d58583cd/attachment.html>
More information about the Swan
mailing list