Support Center > Search Results > SecureKnowledge Details
VPN Encryption Domain Routes are not added to kernel via RIM in VSX environment Technical Level
Symptoms
  • VPN Encryption Domain Routes are not added to kernel via RIM in VSX environment.

  • When fwaccel and vpn accel off, ESP packets are being sent over a vpn tunnel are being sent to a destination that has a broadcast mac address.

  • In Kernel debug (fw ctl debug -m VPN + policy; fw ctl debug -m fw + route drop) similiar errors can be seen:
    [vpnd] @Hostname[DATE TIME][tunnel] RIM_OS_Worker_handler: RIM Worker thread received 2 new routes to process from vpnd
    [vpnd] @Hostname[DATE TIME][tunnel] rm_route_execute: Error adding route 123.123.123.123/255.255.255.255->0.0.0.0. cprti reason: OS API returned error
    [vpnd] @Hostname[DATE TIME][tunnel] rm_route_execute: Error adding route 21.21.21.0/255.255.255.0->0.0.0.0. cprti reason: OS API returned error
Solution
Note: To view this solution you need to Sign In .