After updating the other end of the IPsec tunnel, it turns out that the
workaround doesn't entirely fix the problem.

box1 ---- owrt1 ============= owrt2 ---- box2
                           strongSwan IPsec
                              (tunnel mode)

Initially I only had the nf_conntrack_rtcache module on owrt2. That
caused problems like snmpwalk from box1 to box2 hanging after a single
line of output. With the workaround applied, I did no longer see the
problem. I could snmpwalk, ping and SSH from box1 to box2 fine. When I
later updated owrt1 to also have the nf_conntrack_module (+workaround),
the problems were back. This time, snmpwalk from box1 to box2 hangs
after two lines of output.

