Site menu:

Sponsored by

Bitcube Ltd. Expert Linux Consultancy

Currently...

  • @popey superb, now you can cook and iron your shirts at the same time. Quite what your colleagues will think of the hickory aroma I dunno in reply to popey 3 days ago
  • @geehowquaint surely normal people are never "in" fashion, only weirdos :-) in reply to geehowquaint 5 days ago
  • not bad hold music on this teleconference 1 week ago
  • ripped jeans with backing cloth to avoid bare skin does seems a little silly. I doubt I'll ever understand fashion. 1 week ago
  • Dear PCWorld, I knew your computer skills were bad, I didn't know until recently that your grammar was too. It's not "a 3gigs memory". 1 week ago
  • More updates...

Categories

Meta

Site search

 

January 2009
M T W T F S S
« Dec   Feb »
 1234
567891011
12131415161718
19202122232425
262728293031  

Archives

Links:

World’s fastest IPSec fix?

The other week I had to setup an IPSec gateway at work. After fighting various issues for a while (not adding a new rule to tell the firewall to _not_ NAT the packets being one), I hit a problem which was easier to diagnose.

Our firewall has four external IPs, when I started up the VPN manually it correctly used the IP I told it to, but then unfortunately sent it using one of the other IPs. This was a problem. Fortunately the “automatically start VPN when required” policies worked just fine.

I posted about this to the ipsec list, including details of where I’d traced it back to in the code. A whole eight minutes later I had received an explanation (what I’d guessed was going on TBH) and details of how to workaround it. I love open source support (most of the time).

Posted: January 13th, 2009 under Linux.
Comments: none

Write a comment