<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-1">
<META content="MSHTML 6.00.2900.2604" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> Hey all,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2> Iīm using openswan
with L2TP windows road-warriors, as explained on the Nate Carsonīs
page. It almost always works, and after several tests, I found out that
when it doesnt, its because the windows notebook is behind some ADSL modens
(like DSLINK 200) configured to do NAPT as its
default intranet->internet conversion. When I
change the moden behavior to "BASIC" (nat 1:1) then it works
fine. I tried with openswan 2.1.5, 2.2.0 and 2.3.1r4, hoping that
maybe changes in NAT-T would help me, but no luck so far. </FONT></DIV>
<DIV><FONT face=Arial size=2> Below follows the log of a
failed connection. Everything from the beginning to the "Mar 29 13:20:31" entry
just keeps repeating, until windows gives up with a timeout.</FONT></DIV>
<DIV><FONT face=Arial size=2> I
know reconfiguring/changing the modem will work, but that isnt an option
sometimes, so Im hoping I can do something on the server side.</FONT></DIV>
<DIV><FONT face=Arial size=2> Any help will be greatly
appreaciated, since I think I ran out of options.</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial
size=2>
Thanks,</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>
Marcelo</FONT></DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV><FONT face=Arial size=2>Mar 29 13:20:16 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY
00000004]<BR>Mar 29 13:20:16 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [FRAGMENTATION]<BR>Mar 29
13:20:16 vpnserver pluto[4553]: packet from 201.15.136.27:50041: received Vendor
ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106<BR>Mar 29
13:20:16 vpnserver pluto[4553]: packet from 201.15.136.27:50041: ignoring Vendor
ID payload [Vid-Initial-Contact]<BR>Mar 29 13:20:16 vpnserver pluto[4553]:
"roadwarrior-l2tp"[3] 201.15.136.27 #3: responding to Main Mode from unknown
peer 201.15.136.27<BR>Mar 29 13:20:16 vpnserver pluto[4553]:
"roadwarrior-l2tp"[3] 201.15.136.27 #3: transition from state STATE_MAIN_R0 to
state STATE_MAIN_R1<BR>Mar 29 13:20:17 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY
00000004]<BR>Mar 29 13:20:17 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [FRAGMENTATION]<BR>Mar 29
13:20:17 vpnserver pluto[4553]: packet from 201.15.136.27:50041: received Vendor
ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106<BR>Mar 29
13:20:17 vpnserver pluto[4553]: packet from 201.15.136.27:50041: ignoring Vendor
ID payload [Vid-Initial-Contact]<BR>Mar 29 13:20:17 vpnserver pluto[4553]:
"roadwarrior-l2tp"[4] 201.15.136.27 #4: responding to Main Mode from unknown
peer 201.15.136.27<BR>Mar 29 13:20:17 vpnserver pluto[4553]:
"roadwarrior-l2tp"[4] 201.15.136.27 #4: transition from state STATE_MAIN_R0 to
state STATE_MAIN_R1<BR>Mar 29 13:20:19 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY
00000004]<BR>Mar 29 13:20:19 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [FRAGMENTATION]<BR>Mar 29
13:20:19 vpnserver pluto[4553]: packet from 201.15.136.27:50041: received Vendor
ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106<BR>Mar 29
13:20:19 vpnserver pluto[4553]: packet from 201.15.136.27:50041: ignoring Vendor
ID payload [Vid-Initial-Contact]<BR>Mar 29 13:20:19 vpnserver pluto[4553]:
"roadwarrior-l2tp"[5] 201.15.136.27 #5: responding to Main Mode from unknown
peer 201.15.136.27<BR>Mar 29 13:20:19 vpnserver pluto[4553]:
"roadwarrior-l2tp"[5] 201.15.136.27 #5: transition from state STATE_MAIN_R0 to
state STATE_MAIN_R1<BR>Mar 29 13:20:23 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY
00000004]<BR>Mar 29 13:20:23 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [FRAGMENTATION]<BR>Mar 29
13:20:23 vpnserver pluto[4553]: packet from 201.15.136.27:50041: received Vendor
ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106<BR>Mar 29
13:20:23 vpnserver pluto[4553]: packet from 201.15.136.27:50041: ignoring Vendor
ID payload [Vid-Initial-Contact]<BR>Mar 29 13:20:23 vpnserver pluto[4553]:
"roadwarrior-l2tp"[6] 201.15.136.27 #6: responding to Main Mode from unknown
peer 201.15.136.27<BR>Mar 29 13:20:23 vpnserver pluto[4553]:
"roadwarrior-l2tp"[6] 201.15.136.27 #6: transition from state STATE_MAIN_R0 to
state STATE_MAIN_R1<BR>Mar 29 13:20:31 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY
00000004]<BR>Mar 29 13:20:31 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Vendor ID payload [FRAGMENTATION]<BR>Mar 29
13:20:31 vpnserver pluto[4553]: packet from 201.15.136.27:50041: received Vendor
ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set to=106<BR>Mar 29
13:20:31 vpnserver pluto[4553]: packet from 201.15.136.27:50041: ignoring Vendor
ID payload [Vid-Initial-Contact]<BR>Mar 29 13:20:31 vpnserver pluto[4553]:
"roadwarrior-l2tp"[7] 201.15.136.27 #7: responding to Main Mode from unknown
peer 201.15.136.27<BR>Mar 29 13:20:31 vpnserver pluto[4553]:
"roadwarrior-l2tp"[7] 201.15.136.27 #7: transition from state STATE_MAIN_R0 to
state STATE_MAIN_R1<BR>Mar 29 13:20:45 vpnserver pluto[4553]: packet from
201.15.136.27:50041: ignoring Delete SA payload: not encrypted<BR>Mar 29
13:20:45 vpnserver pluto[4553]: packet from 201.15.136.27:50041: received and
ignored informational message<BR></DIV></FONT></BODY></HTML>