Hi All.
On our device I am able to establish IPsec IKEv1 rules successfully on
kernel version 5.10.199. Ping, Telnet, http (port 80) etc works fine.
However when I am trying to https to device, operation fails and error
is in xfrm_input.c and error is
if (nexthdr == -EBADMSG), nexthdr is EBADMSG and the packet is
dropped. I do not understand why https fails.
Have any of you come across this error?
Regards,
Jaya
On 3/1/2024 4:35 AM, Jayalakshmi Manunath Bhat , wrote:
> Hi All.
>
> On our device I am able to establish IPsec IKEv1 rules successfully on
> kernel version 5.10.199. Ping, Telnet, http (port 80) etc works fine.
> However when I am trying to https to device, operation fails and error
> is in xfrm_input.c and error is
> if (nexthdr == -EBADMSG), nexthdr is EBADMSG and the packet is
> dropped. I do not understand why https fails.
>
> Have any of you come across this error?
>
> Regards,
> Jaya
Can you try with a more recent kernel? Try mainline, or a recent 6.6.* stable kernel.
Thanks,
Easwar
Hi Easwar,
Thank you for the response. In ourcase 5.10 is the identified the
kernel for the products to be released.
6.6 is not a feasible option.
Regards,
Jayalakshmi
On Fri, Mar 1, 2024 at 10:29 PM Easwar Hariharan
<[email protected]> wrote:
>
> On 3/1/2024 4:35 AM, Jayalakshmi Manunath Bhat , wrote:
> > Hi All.
> >
> > On our device I am able to establish IPsec IKEv1 rules successfully on
> > kernel version 5.10.199. Ping, Telnet, http (port 80) etc works fine.
> > However when I am trying to https to device, operation fails and error
> > is in xfrm_input.c and error is
> > if (nexthdr == -EBADMSG), nexthdr is EBADMSG and the packet is
> > dropped. I do not understand why https fails.
> >
> > Have any of you come across this error?
> >
> > Regards,
> > Jaya
>
> Can you try with a more recent kernel? Try mainline, or a recent 6.6.* stable kernel.
>
> Thanks,
> Easwar