-Uğur 2016-05-04 18:44 GMT+03:00 Olivier Mascia <o...@integral.be>:
> Having switched recently from OpenVPN to IPsec (IKEv2 only) for 3 site to > site tunnels, I'm still debugging why I can only get it to work for IPv4. > Phase1 are setup with IPv4. Adding two phase2, one tunnel4 and one tunnel6, > nothing flows through the tunnel6. > > Capturing on IPSEC interface on one side attempting a ping to remote site, > I see for instance: > > 17:33:25.757775 (authentic,confidential): SPI 0xcf5bb1d6: IP6 fd00::1:1 > > fd01::107: ICMP6, echo request, seq 170, length 40 > > But I get no replies from the other party. > What's more, capturing ESP on the other side, I get NO incoming ESP packet > at all. > > If I'm pinging IPv4, I trace the echo requests, I have ESP packets flowing > on the other site and the echo replies on the sender: all works (can pipe > any IPv4 traffic with excellent performance). > > Only the IPv6 seems stuck. > > Capturing the echo requests on the sender IPSEC interface, does this prove > the packets embark the tunnel (and so that the issue is on the other end)? > Or not? > > -- > Meilleures salutations, Met vriendelijke groeten, Best Regards, > Olivier Mascia, integral.be/om > > > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
