Hello, I am using several XG Firewalls (in a lab environment) with IPsec tunnels in a full mesh, and all are up and running (active and connection OK). The dummy names are: FW1, FW2, FW3.
However, some tunnels work correctly and some don't permit the VPN traffic to pass correctly.
The situation is:
FW1--> FW2, FW3 --> OK
FW2--> FW1,FW2--> KO
FW3-->FW1,FW2--> KO
Sniffing the ipsec0 logical interface I notice:
SF01V_SO01_SFOS 15.01.0 MR-1.1# tcpdump -nni ipsec0 host 169.254.234.5
tcpdump: Starting Packet Dump
23:11:14.054519 ipsec0, OUT: IP 169.254.234.5 > 192.168.10.100: ICMP echo request, id 4, seq 48107, length 40
The source IP must be the private IP of the PC...
Why do I see it SNATed with the IP related to ipsec0?
2: ipsec0: <BROADCAST,MULTICAST,NOARP,UP,LOWER_UP> mtu 16260 qdisc noqueue group 0x05 nfmark 0x200 nfmark6 0x200 nettype 0 gwoffset 0 gwoffset6 0 np 0 np6 0 state UNKNOWN group default
link/ether 8e:9c:d0:fc:d1:c2 brd ff:ff:ff:ff:ff:ff
inet 169.254.234.5/32 scope global ipsec0
valid_lft forever preferred_lft forever
Thank you