On 21.04.2018 19:16, Victor Gamov wrote: > When I change ipsec-interfaces creation order then only last created > interface worked fine again and previously configured interfaces does > not work. > > > And very interesting fact: when I ping from remote 10.10.98.5 for > example to FreeBSD 10.10.98.6 then no ICMP-request coming over > ipsec-interface but ICMP-reply outgoing via this ipsec-interface (but > not delivered to 10.10.98.5) > > > Any ideas?
I'm lack of any ideas. For further debugging I need to see the output of # sysctl net. | grep ipsec # setkey -DP # setkey -D # ifconfig And probably racoon's logs. -- WBR, Andrey V. Elsukov
signature.asc
Description: OpenPGP digital signature
