Re: (udp-en/decap broken in 2.6.8-rc2?) Re: ipsec, nat-t, iproute2?
From: Herbert Xu <herbert@gondor.apana.org.au>
Date: 2004-07-31 07:50:05
bert hubert [off-list ref] wrote:
The encoding looks fine but the receiving side does not appear to listen:
00:34:09.491228 IP 192.168.1.4.4500 > 10.0.0.3.4500: UDP, length: 88
00:34:09.492290 IP 10.0.0.3 > 192.168.1.4: icmp 124: 10.0.0.3 udp port 4500
unreachableYou need to have someone open a socket on port 4500 and do the appropriate setsockopt() on it.
This is the setkey configuration I use on 10.0.0.3:
Any reason why you aren't using automatic keying? -- Visit Openswan at http://www.openswan.org/ Email: Herbert Xu ~{PmV>HI~} [off-list ref] Home Page: http://gondor.apana.org.au/~herbert/ PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt