OPNsense Forum

Archive => 17.7 Legacy Series => Topic started by: obrienmd on October 11, 2017, 01:02:28 am

Title: IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE
Post by: obrienmd on October 11, 2017, 01:02:28 am: After struggling with zerotier performance, I'm getting back into running routing protocols over GRE, with IPSec in transport mode. I have a pair on 17.7 (no point upgrades) seemingly working fine, but with my boxes on the current 17.7.5 point release, with the same configs, I have a few pairs that get good SAs, SPs, but cannot pass any traffic and show the following in the log whenever a packet tries to go out:

Code: [Select]
charon: 07[KNL] received invalid PF_ROUTE messageSearching for this ^ returns only a reference to the strongswan source code :)

When I ping one WAN IP from another (leaving GRE out entirely), I get:
Code: [Select]
ping: sendto: Permission denied
Does anyone have IPSec transport mode working on 17.7.5?

SMF 2.0.19 | SMF © 2021, Simple Machines
Privacy Policy