#1 2017-06-17 10:57:38

awpe
Member
Registered: 2011-07-04
Posts: 17

XL2TP ping works while wget does not

Hello,

There are 3 machines with Arch Linux; they were upgraded today.

I'm using the manual from the ArchWiki to set up a VPN connection.

2 machines were set up a few months ago, and the 3rd machine was set up today.

Config files are absolutely the same except for the left IP address and interface name. There is not a single iptables rule I'm able to find on any machine.

There are no errors on any machine during openswan starting, xl2tpd starting or ipsec starting or ipsec verifying; all outputs are the same.

traceroute to the destination server with the destination port produces the same results.

ping of the destination domain name resolves to the correct IP address and has the same output on all 3 machines.

The problem is that the 3rd (recent) machine is unable to wget something from the destination web server, it is unable to connect to the server by ssh using the raw IP address, and it is unable to open any website from the destination web server. I'm receiving timeouts for ssh and wget.

Please help me find the difference in system configuration which led to this problem.

I'm not using any script, everything is done by hand following the wiki. ip route produces nearly the same output on all machines, except for the local IP address. There are no NAT, DMZ or port forwarding rules on the routers.

Last edited by awpe (2017-06-17 11:00:11)

#2 2017-06-17 14:21:57

awpe
Member
Registered: 2011-07-04
Posts: 17

Re: XL2TP ping works while wget does not

Well, the problem is a bug introduced in recent kernels; the kernel was the thing I didn't upgrade on the other machines.

The latest kernel, 4.11, is not working - the application will never receive ACK responses, yet ping and traceroute will show you that everything is OK.

The solution - use kernel 4.9.32-1-lts.

Last edited by awpe (2017-06-17 14:22:44)
