[strongSwan] Problem sending a packet out a raw socket over IPsec

Andreas Steffen andreas.steffen at strongswan.org
Mon Jun 20 23:14:14 CEST 2011

Hello Clifton,

could you send my your ipsec.conf files and the output of the
ipsec statusall command after you sent a couple of packets?



On 06/20/2011 11:00 PM, Lin, Clifton (US SSA) wrote:
> Hello,
> I have set up a strongSwan IPsec connection between two hosts, and I
> can ping across with no problem.  Now, I am trying to send an
> arbitrary IP packet out a raw socket destined for the other host, and
> I would like for this IP packet to traverse the IPsec connection.
> However, when I try this, it appears that the packet does NOT get
> encrypted by IPsec, as I hoped it would.  Also, (as a result of the
> IPsec encapsulation not happening), the packet does not match the
> iptables rule that strongswan inserts into the OUTPUT chain to accept
> tunneled packets.  Any idea what is wrong or how I can make this
> work?
> Thanks, Clifton

Andreas Steffen                         andreas.steffen at strongswan.org
strongSwan - the Linux VPN Solution!                www.strongswan.org
Institute for Internet Technologies and Applications
University of Applied Sciences Rapperswil
CH-8640 Rapperswil (Switzerland)

More information about the Users mailing list