    Netgate Discussion Forum

    Isakmp passthrough anomaly

      lleroy last edited by

      Hello everyone,

      Here is my situation: I have a Captive Portal, clients on one VLAN interface, and the uplink on a physical int.

      I've migrated from 2.0.1-RC3 to 2.0.3-RELEASE.
      Everything is working as well as previously, except for one thing: isakmp packets.

      I can see incoming packets:
      12:24:23.441408 IP 172.16.xxx.yyy.55618 > aaa.bbb.ccc.ddd.500: isakmp: parent_sa ikev2_init
      but nothing goes out (via the uplink link).

      Firewall rules didn't change. I log every denied packet, but those VPN ones don't appear in pflog0, so I think it's not about rules.

      It seems I'm missing a sysctl option or something at kernel level, doesn't it?

      I have activated logs on "pass" rules, but I will not be able to do the VPN test today in order to prove the packet is authorized.

      Thanks!
