On Thu, 2015-03-26 at 20:10 +0000, Olda Bartunek wrote: > David Woodhouse <dwmw2 <at> infradead.org> writes: > > > > > Oops, please git pull and try again. > > > > Ok, so with updated main.c I moved a bit. Windows client is able to > authenticate, even get configuration so tunnel looks to be up but > packets do > not flow. With --verbose everything looks same (of course except TAP > driver > and vpnc-script-win output) till end of message "ESP session > established > with server" where Linux client just repeating "Send ESP probes for > DPD" but > Windows client repeating following discard: > Discarding replayed ESP packet with seq 1 > Discarding replayed ESP packet with seq 2 > 0000: 21 00 00 00 00 00 00 00 01 2f 01 00 00 00 01 00 > 0010: 00 00 00 00 00 0d 00 06 00 00 00 07 00 01 00 00 > 0020: 00 01 01 > Send ESP probes for DPD > Discarding replayed ESP packet with seq 3 > Discarding replayed ESP packet with seq 4 > Send ESP probes for DPD > Discarding replayed ESP packet with seq 5 > Discarding replayed ESP packet with seq 6 > Send ESP probes for DPD > Discarding replayed ESP packet with seq 7 > Discarding replayed ESP packet with seq 8 > Send ESP probes for DPD > Discarding replayed ESP packet with seq 9 Hm. And with --no-dtls it works OK, I presume? This is verify_packet_seqno() in esp.c. Can you make it print the values of esp->seq_backlog and esp->seq so we can see what's happening? And try just making it return zero :) -- dwmw2 -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 5745 bytes Desc: not available URL: <http://lists.infradead.org/pipermail/openconnect-devel/attachments/20150326/34882234/attachment.bin>
