[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Strange connectivity problems with ipsec+isakmp

To: Marko Lamminen <Marko.Lamminen@nixu.fi>
Subject: Re: Strange connectivity problems with ipsec+isakmp
From: Cedric Berger <cedric@wireless-networks.com>
Date: Fri, 26 Jan 2001 13:59:40 -0800
Cc: tech@openbsd.org
References: <003d01c087d0$1d5c27e0$8301000a@localnet>

Marko Lamminen wrote:
> 
> Lousy ascii picture:
> 
>    (Net-A) --- <Gateway A>[Ext-IP-A] ----- [Ext-IP-B]<Gateway B> --- (Net-B)
> 
>   Phase 2 only has Net-A to Net-B and viseversa connections.
> 
> Short Version:
> 
>    When isakmpd is running and SAs are established, no SSH connection
> between
>    Ext-IP-A and Ext-IP-B. If not running everything works normally.
> 

Yes, stock 2.8 isakmpd is broken and establish "required input flow" between
the two gateways, which essentially prevent any communications between theses
boxes. 

I don't know if the fix is already commited on the CVS stable branch.
Otherwise you can always ask Angelos or Niklas for a fix for this known
issue.

Cedric

Follow-Ups:
- Re: Strange connectivity problems with ipsec+isakmp
  - From: "Marko Lamminen" <Marko.Lamminen@nixu.fi>

References:
- Strange connectivity problems with ipsec+isakmp
  - From: "Marko Lamminen" <Marko.Lamminen@nixu.fi>

Prev by Date: pthreads lib
Next by Date: Re: pthreads lib
Prev by thread: Strange connectivity problems with ipsec+isakmp
Next by thread: Re: Strange connectivity problems with ipsec+isakmp
Index(es):
- Date
- Thread