[strongSwan] Problem sending a packet out a raw socket over IPsec

Lin, Clifton (US SSA) clifton.lin at baesystems.com
Mon Jun 20 23:00:39 CEST 2011


I have set up a strongSwan IPsec connection between two hosts, and I can ping across with no problem.  Now, I am trying to send an arbitrary IP packet out a raw socket destined for the other host, and I would like for this IP packet to traverse the IPsec connection.  However, when I try this, it appears that the packet does NOT get encrypted by IPsec, as I hoped it would.  Also (as a result of the IPsec encapsulation not happening), the packet does not match the iptables rule that strongSwan inserts into the OUTPUT chain to accept tunneled packets.  Any idea what is wrong or how I can make this work?


