Hi all.
Please forgive me if this question is considered offtopic on this
list. I'm not sure where to post it.
Anyway, I have a regression between 2.6.30-rcX and every other version
I tried with regards to Cisco proprietary cisco_ipsec.ko module.
The module compiles cleanly, loads and the VPN connection is created.
So far so good. The problem is that as soon as I send packets on the
tunnel (TCP - UDP doesn't matter, even a nslookup quesry i enough),
the system hangs without messages on console / logs. Powercycle is
needed.
Tested with 2.6.30-rc1 and 2.6.30-rc3 with same results. Last good
version is 2.6.29.2 . Arch is x86 without SMP.
The client version is the latest available to my knowledge,
vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz .
I don't know how to debug this, maybe some people from Cisco on this
list can help.
Thanks and regards,
Fabio
Fabio Comolli schreef:
> Hi all.
> Please forgive me if this question is considered offtopic on this
> list. I'm not sure where to post it.
>
> Anyway, I have a regression between 2.6.30-rcX and every other version
> I tried with regards to Cisco proprietary cisco_ipsec.ko module.
>
> The module compiles cleanly, loads and the VPN connection is created.
> So far so good. The problem is that as soon as I send packets on the
> tunnel (TCP - UDP doesn't matter, even a nslookup quesry i enough),
> the system hangs without messages on console / logs. Powercycle is
> needed.
Hello,
Have you tried using vpnc [1]? Nowadays it works very well (for
connecting to cisco VPNs) and it doesn't require you to recompile
anything whenever you change of kernel. As a bonus, it's opensource ;-)
Eric
[1] http://www.unix-ag.uni-kl.de/~massar/vpnc/
Hi Eric.
On Tue, Apr 28, 2009 at 3:33 PM, Éric Piel <[email protected]> wrote:
> Fabio Comolli schreef:
>> Hi all.
>> Please forgive me if this question is considered offtopic on this
>> list. I'm not sure where to post it.
>>
>> Anyway, I have a regression between 2.6.30-rcX and every other version
>> I tried with regards to Cisco proprietary cisco_ipsec.ko module.
>>
>> The module compiles cleanly, loads and the VPN connection is created.
>> So far so good. The problem is that as soon as I send packets on the
>> tunnel (TCP - UDP doesn't matter, even a nslookup quesry i enough),
>> the system hangs without messages on console / logs. Powercycle is
>> needed.
> Hello,
>
> Have you tried using vpnc [1]? Nowadays it works very well (for
> connecting to cisco VPNs) and it doesn't require you to recompile
> anything whenever you change of kernel. As a bonus, it's opensource ;-)
>
> Eric
>
> [1] http://www.unix-ag.uni-kl.de/~massar/vpnc/
>
Yes, I tried very hard, digging in forums, lists and so on. All without success.
Plus, I need the VPN to connect to my employer's network where the
only supported tool is the proprietary Cisco one. So no help on that
side :-(
Regards,
Fabio
On Tue, 28 Apr 2009 15:09:46 +0200
Fabio Comolli <[email protected]> wrote:
> Hi all.
> Please forgive me if this question is considered offtopic on this
> list. I'm not sure where to post it.
Cisco's own lists.
You can probably use openconnect instead.
Hi.
Just un update: the problem is still present in vanilla 2.6.30 . Let's
hope that someone from Cisco takes care of this problem.
Fabio
On Tue, Apr 28, 2009 at 3:09 PM, Fabio Comolli<[email protected]> wrote:
> Hi all.
> Please forgive me if this question is considered offtopic on this
> list. I'm not sure where to post it.
>
> Anyway, I have a regression between 2.6.30-rcX and every other version
> I tried with regards to Cisco proprietary cisco_ipsec.ko module.
>
> The module compiles cleanly, loads and the VPN connection is created.
> So far so good. The problem is that as soon as I send packets on the
> tunnel (TCP - UDP doesn't matter, even a nslookup quesry i enough),
> the system hangs without messages on console / logs. Powercycle is
> needed.
>
> Tested with 2.6.30-rc1 and 2.6.30-rc3 with same results. Last good
> version is 2.6.29.2 . Arch is x86 without SMP.
>
> The client version is the latest available to my knowledge,
> vpnclient-linux-x86_64-4.8.02.0030-k9.tar.gz .
>
> I don't know how to debug this, maybe some people from Cisco on this
> list can help.
>
> Thanks and regards,
> Fabio
>