<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"><HTML DIR=ltr><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1"></HEAD><BODY><DIV><FONT face='Arial' color=#000000 size=2>
<P><FONT size=2>Dear all<BR><BR>I have followed two or three different guides to
getting this working<BR>and after a long period have eventually managed to get
the IPSEC side of<BR>things working (I think ! )<BR><BR>The WinXP client is
behind a NATting ADSL router, so is the linux<BR>server.<BR><BR>However when
WinXP moves to the L2TP stage, if I am running tcpdump on<BR>ipsec0 I can see
l2tp packets arriving (which I assume means they came<BR>in encrypted, have been
de-scrambled and pushed into ipsec0 as clear<BR>packets)<BR><BR>However l2tpd
does not see these packets (it really weird actually,<BR>l2tpd breaks out of the
select its been sleeping in, with the fd<BR>connected to the socket, but when it
issues the recvmsg, gets EAGAIN, so<BR>goes back to sleep, a quick test program
that sends out a dummy UDP<BR>packet on 1701 proves its not a programming error
by waking and sending<BR>data correctly)<BR><BR>I've tried using xl2tpd also, no
joy.<BR><BR>Packet forwarding is on generally and for the interfaces ipsec0 and
eth0<BR>it is on and rp_filter is off. I've tried with ipsec0 having same
and<BR>slightly different address to eth0 which is where the
internet<BR>connection is made.<BR><BR>Currently I have no firewall rules on
port 1701 (as mentioned above the<BR>packet arrival does wake up l2tpd, but then
no data is available for the<BR>program. I also wrote a simple UDP server to see
if I would get a wake<BR>up after just sleeping on recvfrom. The process does
not wake even as<BR>tcpdump is reporting packets received on
ipsec0)<BR><BR><BR>Does anyone have any ideas why traffic is not being delivered
to<BR>processes?<BR><BR>I think I am using KLIPS, I ran a patch on my 2.4 kernel
and then had a<BR>load of ipsec options in the kernel config (I don't think they
were<BR>there bfore ! ) A new kernel was built and installed.<BR><BR>How can I
tell if I am using KLIPS or NETKEY?<BR><BR>I have been stuck on this now for
about a day, any help would be greatly<BR>appreciated.<BR><BR>Many thanks in
advance<BR><BR>Regards<BR><BR>Bill Melotti<BR>Network Operations
Manager<BR><BR>V 01635-508200<BR>F 01635-550783<BR>E
bill.melotti@cognitomobile.com<BR><BR>Cognito Ltd<BR>Block 4<BR>Benham
Valence<BR>Newbury<BR>Berks<BR>RG20
8LU<BR><BR>www.cognitomobile.com<BR><BR><BR></FONT></P></FONT></DIV><br><br>
<P class=MsoNormal><FONT face=Tahoma color=#333333 size=2><SPAN style="FONT-SIZE: 10pt; COLOR: #333333; FONT-FAMILY: Tahoma">NOTICE: Cognito Limited. Benham Valence, Newbury, <?xml:namespace prefix = st1 ns = "urn:schemas-microsoft-com:office:smarttags" /><st1:place w:st="on"><st1:City w:st="on">Berkshire</st1:City>, <st1:PostalCode w:st="on">RG20 8LU</st1:PostalCode></st1:place>. <st1:place w:st="on"><st1:country-region w:st="on">UK</st1:country-region></st1:place>. Company number 02723032. </SPAN></FONT><FONT face=Tahoma color=#333333 size=2><SPAN style="FONT-SIZE: 10pt; COLOR: #333333; FONT-FAMILY: Tahoma">This e-mail message and any attachment is confidential. It may not be disclosed to or used by anyone other than the intended recipient. If you have received this e-mail in error please notify the sender immediately then delete it from your system. Whilst every effort has been made to check this mail is virus free we accept no responsibility for software viruses and you should check for viruses before opening any attachments. Opinions, conclusions and other information in this email and any attachments which do not relate to the official business of the company are neither given by the company nor endorsed by it.<?xml:namespace prefix = o ns = "urn:schemas-microsoft-com:office:office" /><o:p></o:p></SPAN></FONT></P>
<P align=center>This message has been scanned for viruses by <A href="http://www.mailcontroller.altohiway.com/">Mail Controller</A>.</P>
</body></HTML>