Comments on: IPSEC VPN problems upgrading to Ubuntu Edgy http://johnleach.co.uk/words/243/ipsec-vpn-problems-upgrading-to-ubuntu-edgy Stuff I think, see and do Mon, 14 May 2012 20:40:50 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: Santhish http://johnleach.co.uk/words/243/ipsec-vpn-problems-upgrading-to-ubuntu-edgy/comment-page-1#comment-27833 Santhish Wed, 20 Feb 2008 15:03:09 +0000 http://johnleach.co.uk/words/archives/2006/11/02/243/#comment-27833 Hi, This is regarding the DNAT'ing bug you've been talking about. I came across a similar issue when IPSec and DNAT being used on the same peer. This applies only to kernel version below 2.6.16 and works well for kernel 2.6.18. Observation:For example if I try to use Transparent Proxy using some DNAT..I find a new ESP packet originated from the translated IP(DNAT) towards the far end IPsec peer(Unintended behavior). This results in integrity check failure thus failed Transparent Proxy behavior. Any comments,suggestions and workarounds are welcome. Thanks, Santhish. Hi,

This is regarding the DNAT’ing bug you’ve been talking about.

I came across a similar issue when IPSec and DNAT being used on the same peer. This applies only to kernel version below 2.6.16 and works well for kernel 2.6.18.

Observation:For example if I try to use Transparent Proxy using some DNAT..I find a new ESP packet originated from the translated IP(DNAT) towards the far end IPsec peer(Unintended behavior).

This results in integrity check failure thus failed Transparent Proxy behavior.

Any comments,suggestions and workarounds are welcome.

Thanks,
Santhish.

]]>