Ipsec strange and annoying problem
I have IPsec tunnels between a few OpenBSD machines (releases: 4.6, 4.8 & 4.9). IPsec has been working fine for a long time, but now and then (once or twice per day), IPsec traffic just stops. This kind of problem usually lasts 17-18 minutes. The SAs are still there (or at least ipsecctl shows that), but traffic can't pass from netA to netB.

I use isakmpd, /etc/ipsec.conf and x509 certificates. There is no nat, no rdr. Until a few months ago, everything worked fine on OBSD 4.5 & 4.6 (so, I think, there is no problem in ipsec.conf or x509). Any idea?

P.S. Yes, I know about SHA, so between the same BSD releases I use:

ike esp from $netA to $netB \
    local $ipHOSTA peer $ipHOSTB \
    main auth hmac-sha2-512 enc aes-256 group modp1024 \
    quick auth hmac-sha2-512 enc aes-256 group modp1024

but between pre-4.7 and after-4.7 I use sha1.