IPSec issue

From: R, Vasisht (Vasisht) (vasishtr@lucent.com)
Date: Mon Feb 20 2006 - 07:34:53 EST


Hi managers,
    
We are facing problems when using IPSec. Here is the gist of the problem:

We have a server (A) which connects to two other hosts (H1 and H2) through
IPSec (transport mode). H1 is primary, and H2 is secondary (standby). All
communication between A and H1 was going on fine. Under normal
circumstances, when A is restarted, it will communicate with H1 only. We
guess this would go through fine since the restarted server initiates the
communication. In our case, A was restarted and it failed to communicate
with H1. Strangely, it communicated successfully with H2. We have no records
of a switchover of hosts (where H2 becomes active instead of H1 or the
reverse). We checked the ipseckey dump for A and found that it had SAs for
H2 and none for H1. (For your info, outgoing ping is disabled from A to
H1/H2.) We were not able to ping from H1 to A (which could be done in normal
circumstances). We then disabled IPSec and were able to establish
communication successfully between A and H1.

What could be the problem? We are running SunOS 5.9.

Thanks,

Vasisht.
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers


