[Openswan Users] Openswan 2.6.26 + mast + saref + xl2tpd
Paul Wouters
paul at xelerance.com
Tue Jun 8 08:53:00 EDT 2010
On Tue, 8 Jun 2010, Vincent Bernat wrote:
> I am using Openswan 2.6.26 with a 2.6.32 kernel. I have applied the SAref
> patch on top of the kernel as well as the regular Openswan patch. I can
> establish a tunnel without problem. xl2tpd is 1.2.5 with saref support. On
> start, it does not complain with missing SAref support, so I suppose that
> everything is OK from the kernel side.
>
> If I try to establish an L2TP connection, I receive no answer from xl2tpd
> daemon. I can see with tcpdump the packets flying out to mast0 interface
> but they don't turn into ESP packets. If I enable debug in xl2tpd, I get:
>
> xl2tpd[3549]: network_thread: recv packet from 10.X.X.X, size = 101,
> tunnel = 0, call = 0 ref=2 refhim=1
> xl2tpd[3549]: sending with saref=1
Have you configured the mast0 interface to have the same IP as your public
facing interface?
Did you try lowering the mtu slightly? eg 1472 ?
do you have iptables support?
do you have proper /etc/sysctl.conf settings? (see /etc/ipsec.d/examples)
> Any idea on why Openswan is not able to find the correct saref and
> therefore is unable to send answers?
Perhaps show us "ipsec barf" ?
Paul
More information about the Users
mailing list