Home
Help
Search
Login
Register
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE
« previous
next »
Print
Pages: [
1
]
Author
Topic: IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE (Read 3374 times)
obrienmd
Newbie
Posts: 13
Karma: 1
IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE
«
on:
October 11, 2017, 01:02:28 am »
After struggling with zerotier performance, I'm getting back into running routing protocols over GRE, with IPSec in transport mode. I have a pair on 17.7 (no point upgrades) seemingly working fine, but with my boxes on the current 17.7.5 point release, with the same configs, I have a few pairs that get good SAs, SPs, but cannot pass any traffic and show the following in the log whenever a packet tries to go out:
Code:
[Select]
charon: 07[KNL] received invalid PF_ROUTE message
Searching for this ^ returns only a reference to the strongswan source code
When I ping one WAN IP from another (leaving GRE out entirely), I get:
Code:
[Select]
ping: sendto: Permission denied
Does anyone have IPSec transport mode working on 17.7.5?
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
Archive
»
17.7 Legacy Series
»
IPSec transport won't pass traffic - charon: 07[KNL] received invalid PF_ROUTE