Re: [Devil-Linux-discuss] IPSec Problem, extremely weird.

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thu, May 11, 2006 06:15, Frank Weis wrote:
> Hi all,
>
>
> I have an extremely weird problem with IPsec tunnels in DL:
>
>
> I have upgraded two firewalls that are linked by IPsec tunnels from
> gibraltar to DL-1.2.9 (Gibraltar had Freeswan 2.0.4, DL has Openswan
> 2.4.4)
>
>
> When I try to establish a TCP connection to any windows server (2k, 2k3),
> the server restarts immediately (bluescreen, complaining about TCPIP.SYS
> error, and reboots).
>
> Connections that go through the DL firewall but not the ipsec tunnel
> to the same ports on the same servers (either plainly routed throuh the
> firewall, or with DNAT) are fine. Pinging the servers through the ipsec
> tunnels is fine also.
>
> When I revert one end of the tunnel back to Gibraltar/FreeSWan-2.0.4, the
>  servers on _that end_ of the tunnel are safe.
>
> The crashing can be triggered either by normal windows clients trying to
> connect to the server, or by a linux client that does 'telnet x.y.z.t 25'
> to the server.
>
> I am really desperate with this one, so if anybody has any hints, I'd be
> very grateful.

(sorry for the late answer, but I was out of town)

Did you try your luck with the Openswan folks? We just use their stock
patch without any modifications.

- -- 

Regards
  Heiko Zuerker
  http://www.devil-linux.org

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)

iEYEARECAAYFAkRovEwACgkQUcytMSbs+YUYEACfR2LXVvF5k8xW/VYrEbOgjvdh
6osAn1elk7wOGkK4CkSTiiRx0m5oQwuQ
=rqgH
-----END PGP SIGNATURE-----