Re: [m0n0wall] IPSEC Issues site-to-site ver 1.22

From:	"Don Munyak" <don dot munyak at gmail dot com>
To:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] IPSEC Issues site-to-site ver 1.22
Date:	Wed, 10 May 2006 10:01:42 -0400

Manuel, Chris, or anyone else

Has anything changed with respect to IPSEC from 1.21 to 1.22 which
would create any problems setting up IPSEC site-to-site between two
m0n0walls?

I noticed from the change log... "added option to System: Advanced
page to allow IPsec/ESP-encrypted IP fragments to be passed (mkasper)"

What exactly can this do for me ??

~Don

On 5/8/06, Don Munyak <don dot munyak at gmail dot com> wrote:
> > Anyway, Here's my config for the site-to-site IPSEC configuration.
> > This same configuration works on ver 1.21 using two(2) soekris
> > routers. This configuration is not working with verison 1.22 using
> > two(2) netgate routers. These are the only difference between the two
> > different client sites. I personally don't feel the router hardware
> > has anything to do with this... but I could be wrong ??
> >
>
> btw...I did check SAD/SPD as suggested from docbook
> http://doc.m0n0.ch/handbook/troubleshooting-bridging.html
>
> I do have two entries for each, SAD/SPD, at both ends.
>
> ~Don
>