Re: linux-ipsec: Latest IPsec and connecting two IP networks.... :-(

I have a new thought on this. While these problems were occurring here on "machine1", the IPsec configuration on the other Linux machine / firewall, "machine2" was still basically configured (and at one stage partially but incorrectly configured). Is it possible that:

1/ An IPsec machine (machine2) could send packets to a machine with an IPsec'd kernel but not the correct IPsec configuration (machine1)

or

2/ An IPsec machine with a "damaged" IPsec configuration (machine2) could send packets to a good machine (machine1)

and cause machine1's networking code to get so confused that the _networking on that physical external interface_ dies??

You see, after my problems (below) yesterday I only realised last night that the IPsec configuration on machine2 (which is in another state and only controlled by me via ssh) had been messed up all day (somehow it was missing its IP4 spi entry but it still had its two ESP entries)..... I fixed this problem while the local firewall was up ( ;-) ) and since then I don't appear to have had problems...............

Here's something to chew on. :-)

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.freeswan.org Links 1998-fall 1998-spring 1998-summer 1998-winter 1999-winter announce briefs bugs design freeswan-list hipsec ietf-sectest users users-admin Request more information about Pantek

David S..

David Sainty wrote:
>
> Henry Spencer wrote:
Received on Wed Sep 2 19:13:54 1998