Issue with IPSec after upgrade to Core 122?

General questions.
Post Reply
User avatar
trymes
Posts: 658
Joined: February 9th, 2011, 4:10 pm
Location: New England, USA

Issue with IPSec after upgrade to Core 122?

Post by trymes » August 8th, 2018, 2:34 am

I know that there were a handful of IPSec related changes for core 122, specifically with regard to multiple defined subnets. I am having issues with one of my tunnels, and was hoping to find if the issue is on my end or if there is a problem with the newly introduced changes. I have one tunnel that specifies the local subnet as:

Code: Select all

192.169.1.2/32,192.168.1.3/32,192.168.1.4/32,192.168.1.5/32,192.168.1.6/32
The far side reports that, after the 122 upgrade, they cannot reach 192.168.1.4. They can reach the other hosts, and they can reach .4 if I remove the other hosts from the configuration.

IPSec status reports nothing amiss, and I’m wondering where I can look to find the problem. I’m guessing that it might lie with IPTables, but that nothing is hitting the log.

Any help pinpointing this would be appreciated.

Tom

legionofdoom
Posts: 4
Joined: August 10th, 2018, 12:42 am

Re: Issue with IPSec after upgrade to Core 122?

Post by legionofdoom » August 10th, 2018, 3:08 am

Yikes you upgraded are you usinnng a blue connection I hacked a router to a switch and 117

Yep that’s not a easy fix unless you got a beta tester guy around I would roll it back to 117 I got old crappy hardware so I had too

Even sky lakes don’t like 120 to well so 122 beta my god that was a bad idea the bankers in Swiss still use 107 on the hardware sun machines
I know I installed a couple with Hans last year.

My next quedstion is are you running squid and a webproxy how bigs your drive and what is your swap on vbox if your using 8 or 16 your a idiot
Use 32 gb it will cause serious nat related problems not to mention hangs and load up times on red what’s happening is your squads over writing
Caches on your var and fucking your install so sometimes I wonder if it’s better to just ssd and get a proper rack mount system for 10k then monking around with a broken blade server and hacking ipfire on it that’s a lot of work though but sun micros suppose work real well.

I would turn your squid on and off and see if your IPSec works or re assign the blue green red adapters or make sure they are correct also another thing if your using smart v5 type switches with firmware expensive but good they will need to be rebooted periodically they become stupid sometimes especially if you watch as much porn in the dark web like me another possibility of these numbers but it’s wierd I just opened

but I a, having problems with feds and sierra it seems the newer OS has found a worm in the OS
That’s releasing ip6 unsecured traffic and converting it to ip4 fresh install of Apple OS I wish I was wrong that’s browsing google come on here chris Poole told me this is bad news it’s like I got a target on my head so here’s my problem I have a gateway modem device that puts a static macaddress out if you VPN your fine but otherwise you get this crap I need to change the local ip but how it’s a crappy cia nanny sitter collar bitch
Setup here and as you can see they got me here so I figure I got one of 2 things I could yank the modem out and hook it on a old folks address or disabl7e the static and bridge the arris Comcast bridge coincidentally is cia I could use some suggestions if there’s a red hat level 5 guy that could help .
Attachments
2FCD659C-36B2-4AA6-883C-073A8B44A768.jpeg
Apple Whaz you on about Willis

legionofdoom
Posts: 4
Joined: August 10th, 2018, 12:42 am

Re: Issue with IPSec after upgrade to Core 122?

Post by legionofdoom » August 10th, 2018, 3:55 am

The main question Bogachev has is this satillite bouncing off proxies from a Solaris box if so is this metnik and why there’s 500 pages of these negro I am concerned here

User avatar
trymes
Posts: 658
Joined: February 9th, 2011, 4:10 pm
Location: New England, USA

Re: Issue with IPSec after upgrade to Core 122?

Post by trymes » August 10th, 2018, 3:14 pm

Whoa. How many cups of coffee have you had?

122 isn't beta, it has been released, though I see that hasn't been posted to planet.ipfire.org.

No Squid, and everything works fine, with the exception of one IPSec tunnel with many individual hosts configured in the local subnets field. Given that there were a few changes related to IPSec and multiple subnets, I thought maybe that was related.

fkienker
Posts: 93
Joined: March 3rd, 2011, 4:59 pm

Re: Issue with IPSec after upgrade to Core 122?

Post by fkienker » August 10th, 2018, 5:42 pm

Are you setting up host-to-net or net-to-net connections? Asking because it's not clear what you have currently based on what you posted.

Best regards, Fred

User avatar
trymes
Posts: 658
Joined: February 9th, 2011, 4:10 pm
Location: New England, USA

Re: Issue with IPSec after upgrade to Core 122?

Post by trymes » August 10th, 2018, 5:56 pm

Whoops! This is a net to net connection.

Post Reply

Who is online

Users browsing this forum: No registered users and 8 guests