Welcome to the most active Linux Forum on the web.
Go Back > Blogs > Musings on technology, philosophy, and life in the corporate world
User Name


Hi. I'm a Unix Administrator, mathematics enthusiast, and amateur philosopher. This is where I rant about that which upsets me, laugh about that which amuses me, and jabber about that which holds my interest most: Unix.
Rate this Entry

I have ESP

Posted 04-10-2016 at 10:47 AM by rocket357

Customer calls in, stating he can't get BGP to come up across an IPSec link from a VyOS instance to another region. He explains that this is his first time messing with BGP, and that the session won't establish. We review his configuration, and for a first-timer, I'm really impressed with his understanding of BGP. Clearly this guy has done his homework, as everything, including odd little quirks of BGP, are all accounted for.

"Well, let's sledgehammer the problem. Ping the BGP endpoint." I say.

Ping isn't getting responses. This isn't a BGP issue. As we're going through troubleshooting IPSec (which is up according to AWS and his VyOS box), I ask if he added ESP to his security group.

"Ahh, of course," he says, "I didn't teach my configuration to read my mind and do what I want! Seriously, ESP?"

After a quick laugh, I step him through adding protocol 50 to his security group for the VyOS box.

I sincerely wish I could have seen the look on his face when BGP came up moments later.
Posted in Uncategorized
Views 885 Comments 0
« Prev     Main     Next »
Total Comments 0




All times are GMT -5. The time now is 10:06 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration