Hi,
I've got an issue where something strange is happening with the routing
table after establishing an IPsec connection. It's quite hard to
describe, but what happens is that the tunnel establishes and then routing
goes down completely. The netstat -r command, when run on the router, just
hangs and doesn't complete (or show any routes).
What I'm doing is this:
start isakmp: isakmpd -Kv
run ipsecctl: ipsecctl -f /etc/ipsec.conf
my gre0 interface is set up like so:
hostname.gre0 ->
    <src_internal_ip> <dst_internal_ip> netmask 0xffffffff up
    tunnel <src_external_ip> <dst_external_ip>
inside ipsec.conf I have:
    ike esp transport \
        from 0.0.0.0/0 to 0.0.0.0/0 peer <peer_addr> \
        main auth hmac-md5 enc 3des group modp1536 \
        quick auth hmac-md5 enc 3des psk "mykey"
(I need to have the 0.0.0.0/0 address in the "to" and "from" field
otherwise the connection doesn't establish with the other end - non
OpenBSD box)
I can see the connection fine using ipsecctl -sa and ICMP packets are
able to traverse the tunnel, but routing completely goes down??
I'm not sure what else I can provide in terms of information as the
messages log doesn't show anything useful outside of "phase 1 done"
followed by "quick mode done"; the system version is CURRENT: 6.4
GENERIC.MP#290 amd64
Any assistance would be appreciated.
Kaya