Project

General

Profile

Actions
Copy link

Bug #8961

closed

IPSEC issues with Asynchronous Cryptography

Added by Chris Macmahon over 5 years ago. Updated over 5 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
Renato Botelho
Category:
IPsec
Target version:
2.4.4-p1
Start date:
09/26/2018
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:

Description

With the release of 2.4.4 we enabled `Asynchronous Cryptography` by default, we are seeing cases where traffic does not pass over the ipsec tunnel with this enabled.

ICMP to a known host on the tunnel works, when trying to connect by UDP or TCP to the same host, traffic is not passing.

PCAPS show the SYN on the IPSEC interface, but no correlating ESP traffic leaving the device.

We have had reports of disabling async on one side of the tunnel does not resolve the issue, both sides need to be disabled for traffic to work again.

Actions
Copy link
 #1

Updated by Anonymous over 5 years ago

  • Target version changed from 2.4.4-GS to 2.4.4-p1
Actions
Copy link
 #2

Updated by Anonymous over 5 years ago

  • Assignee set to Renato Botelho
Actions
Copy link
 #3

Updated by Jim Pingle over 5 years ago

  • Status changed from New to Duplicate

Duplicate of #8964 (it came later, but has more detail and comments with additional info)

Actions
Copy link

Also available in: Atom PDF