We are trying to connect a Linux server to a Cisco router with IPsec using Racoon. We see the tunnel is established, and from the Cisco side we see packets coming in and out, but they are not making it to the Linux server. Here is the output from the Cisco side.
local crypto endpt.: xx, remote crypto endpt.: xx
path mtu 1500, ip mtu 1500
current outbound spi: 0xBE7F6BD(199751357)
inbound esp sas:
spi: 0x3180D2BE(830526142)
transform: esp-3des esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 2017, flow_id: SW:17, crypto map: VPNPROD
sa timing: remaining key lifetime (k/sec): (4411488/3445)
IV size: 8 bytes
replay detection support: Y
Status: ACTIVE
inbound ah sas:
inbound pcp sas:
outbound esp sas:
spi: 0xBE7F6BD(199751357)
transform: esp-3des esp-sha-hmac ,
in use settings ={Tunnel, }
conn id: 2010, flow_id: SW:10, crypto map: VPNPROD
sa timing: remaining key lifetime (k/sec): (4411495/3445)
IV size: 8 bytes
replay detection support: Y
Status: ACTIVE
outbound ah sas:
outbound pcp sas:
We want to enable packet logging on our side, as the other side is limited in what they can do to troubleshoot this, but the command we have tried to turn logging on seems not to be working (see below). Apparently the more -d's you have, the more logging you get out of it.
It is not logging the packets but does show the tunnel being established. Once the tunnel is established, the logging stops.