On 10/1/18 4:36 PM, Claudio Jeker wrote:
> On Mon, Oct 01, 2018 at 04:16:48PM +0100, Kaya Saman wrote:
>> On 10/1/18 4:12 PM, Janne Johansson wrote:
>>> On Mon, 1 Oct 2018 at 16:56, Kaya Saman <kayasa...@gmail.com> wrote:
>>>> Hi,
>>>>
>>>> I've got an issue where something strange is happening with the routing
>>>> table after establishing an ipsec connection.... it's quite hard to
>>>> describe but what happens is that the tunnel establishes then routing
>>>> goes down completely. The netstat -r command when run on the router just
>>>> hangs and doesn't complete (show any routes).
>>>
>>> Perhaps you can't reach your resolver, try running "netstat -rn" to
>>> prevent netstat from trying to resolve all ips and networks it lists.
>>>
>>> --
>>> May the most significant bit of your life be positive.
>>
>> The resolver is local. However, the issue is deeper as inter-subnet
>> communications go down and these are ipv4 -> ipv4.
>>
>> If I kill the isakmpd process then communication resumes, as in all layer3+
>> services start functioning again: icmp, nfs, ssh etc....
>
> Since your policy is from 0.0.0.0/0 to 0.0.0.0/0 all traffic will end up
> in the ipsec tunnel. I doubt this is what you want. IPsec flows steal the
> traffic before routing happens. I think you need to refine your policy;
> also check with tcpdump what happens on enc0, etc. pp.

I had a hunch that was the case!!

So I will try to make the other end work now without the "default route"
style policy.
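
The point made in the thread, that a 0.0.0.0/0 to 0.0.0.0/0 flow takes traffic before the routing table is consulted, shown as an added example that is not part of the original thread. The flow lines are constructed samples in the simplified style of `ipsecctl -sf` output (an assumed format), and the subnets, peer address and function names are hypothetical.

```python
import ipaddress
import re

# Constructed sample flow lines (assumed, simplified `ipsecctl -sf` style).
BROAD = "flow esp out from 0.0.0.0/0 to 0.0.0.0/0 peer 192.0.2.1 type require"
NARROW = "flow esp out from 10.0.1.0/24 to 10.0.9.0/24 peer 192.0.2.1 type require"

FLOW_RE = re.compile(r"^flow \S+ out from (\S+) to (\S+) peer (\S+)")


def parse_out_flows(lines):
    """Return (src_net, dst_net, peer) for every outbound flow line."""
    flows = []
    for line in lines:
        m = FLOW_RE.match(line.strip())
        if m:
            flows.append((ipaddress.ip_network(m.group(1)),
                          ipaddress.ip_network(m.group(2)),
                          m.group(3)))
    return flows


def captured_by(flows, src, dst):
    """Peer of a flow whose selectors match src -> dst, or None when the
    packet falls through to normal routing. Simplified model: any matching
    flow diverts the packet; flow ordering is not modelled."""
    src, dst = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for src_net, dst_net, peer in flows:
        if src in src_net and dst in dst_net:
            return peer
    return None


def swallowed_local_pairs(flows, local_nets):
    """Local subnet pairs whose traffic would be diverted into a tunnel."""
    nets = [ipaddress.ip_network(n) for n in local_nets]
    return [(str(a), str(b)) for a in nets for b in nets
            if a != b and captured_by(flows, a[1], b[1])]


if __name__ == "__main__":
    local = ["10.0.1.0/24", "10.0.2.0/24"]  # constructed LAN subnets
    for name, line in (("broad", BROAD), ("narrow", NARROW)):
        print(name, swallowed_local_pairs(parse_out_flows([line]), local))
```

With the broad flow, both directions between the two local subnets are reported as diverted, which matches the inter-subnet outage described in the thread; with the narrowed flow the list is empty.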