Hi Timo,

I am using Linux kernel version 2.6.37 (custom).

IKEV2 packets are getting blocked at the kernel.

I have a policy below between x.x.x.x and y.y.y.y peers.

I am able to send the IKEV2 [INIT REQ] packet from X.X.X.X but unable to receive the [INIT RESP] from Y.Y.Y.Y.

But I am able to see on Y.Y.Y.Y that the response has been sent.

Please help me in identifying the problem, whether it is the kernel issue or the policy that has been created below.

src x.x.x.x/32 dst y.y.y.y/32 uid 0
        dir in action allow index 6704 priority 0 share any flags 0x00000000
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 0(sec), hard 0(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          0(bytes), 0(packets)
          add 2011-08-16 21:03:30 use -
        tmpl    src x.x.x.x dst y.y.y.y
                proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel
                level required share any algo-mask:enc=32, auth=32, comp=32
src y.y.y.y/32 dst x.x.x.x/32 uid 0
        dir out action allow index 6697 priority 0 share any flags 0x00000000
        lifetime config:
          limit: soft (INF)(bytes), hard (INF)(bytes)
          limit: soft (INF)(packets), hard (INF)(packets)
          expire add: soft 0(sec), hard 0(sec)
          expire use: soft 0(sec), hard 0(sec)
        lifetime current:
          0(bytes), 0(packets)
          add 2011-08-16 21:03:30 use -
        tmpl    src y.y.y.y dst x.x.x.x
                proto esp spi 0x00000000(0) reqid 0(0x00000000) mode tunnel

 

Thanks and Regards

Naveen