Hi,

I am trying to use IPSec in ESP transport mode between 2 machines.
I am able to establish an IPSec communication path between the 2 hosts. The issue is that the first IPSec packet reaching host 2 from host 1 results in the following output using netstat. On searching the web, it seems like a fragmentation issue where the packets are fragmented before encryption. Is there any configuration setting in SUSE where we can achieve this? I heard that in NetBSD we can edit /etc/pf.conf and add a "scrub in all" line to achieve this. Please help me. I am not good at system-level stuff.

I am using the 2.6.16.53-0.16 kernel with SUSE.

netstat -ss -p ipsec
(Fast) IPsec:
79 policy violations: 79 input 0 output
234335 SPD cache lookups
234335 SPD cache misses

IPsec ah:
ah histogram:
ah packets with hmac-md5: 99

IPsec esp:
99 esp input packets processed
44 esp packets with bad authentication
esp histogram:
esp packets with aes-cbc: 99

Thanks a lot for the help
Jay