We have a remote site that used to form tunnels just fine, but suddenly stopped. After troubleshooting for a bit, I eventually switched from ESP to NAT-T mode. Boom, tunnels came up. Great.
Fast forward two days later, and they’re down again.
tcpdump on both sides shows the remote node’s packets never reach our data center.
I called the ISP to complain and they gave me the whole “we don’t block anything by default, I can’t confirm whether or not I see the traffic.” (It’s residential grade broadband.)
Finally, we tried modified NAT-T with a custom port number. Boom, tunnels came up. A few days later they went down again. What is going on?