No traffic goes through an established IKEv1 IPsec tunnel
Issue
- IKEv1 IPsec connections are established successfully but no traffic comes through (the peers cannot ping each other).
- ESP traffic is received by the network interface successfully but cannot be decoded.
XfrmInTmplMismatch
orXfrmInStateProtoError
XFRM statistics are increasing.- Interoperability problems of
libreswan
over IKEv1 with other implementations or with older versions oflibreswan
.
Environment
- Red Hat Enteprise Linux 8.3
libreswan-3.32-6.el8
andlibreswan-3.32-7.el8_3
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.