<div> </div>
<div>I confirm, compiling openswan-2.4.13 taken from <a href="http://openswan.org">openswan.org</a> for RHEL5 (Centos 5) solves the problem.</div>
<div>At the moment, I can connect l2tp from xp and vista and establish tunnels rom other sites to my site.</div>
<div><br>kernel: 2.6.18-92.el5 RHEL </div>
<div>openswan-2.4.13</div>
<div> </div>
<div>tested.<br></div>
<div class="gmail_quote">On Thu, Dec 25, 2008 at 9:37 AM, Oguz Yilmaz <span dir="ltr"><<a href="mailto:oguzyilmazlist@gmail.com">oguzyilmazlist@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><br><br>
<div class="gmail_quote">
<div class="Ih2E3d">On Thu, Dec 25, 2008 at 6:36 AM, Paul Wouters <span dir="ltr"><<a href="mailto:paul@xelerance.com" target="_blank">paul@xelerance.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid">
<div>On Wed, 24 Dec 2008, Oguz Yilmaz wrote:<br><br></div>
<div>> Do you mean this bug is NOT fixed and blocks all RHEL5 versions from<br>> connecting L2TP clients?<br>> Can you show me the link for the bug in some bugzilla or mantis.<br><br></div><a href="http://bugs.xelerance.com/view.php?id=1004" target="_blank">http://bugs.xelerance.com/view.php?id=1004</a><br>
<div><br>> What do you propose to do in that case? I can not change the distro. If you<br>> know the kernel versions that fixed that bug, I can recompile the kernel.<br><br></div>You can try using openswan 2.4.13, or you can try compiling klips into<br>
the rhel kernel but then you probably also need the nat-t patch because<br>your windows clients are behind nat.</blockquote>
<div> </div>
<div> </div></div>
<div>Does openswan 2.4.13 will work with the Netkey in vanilla 2.6.18-92.el5 RHEL kernel? Do you think I need KLIPS?</div>
<div class="Ih2E3d">
<div> </div>
<div> </div>
<blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px 0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><span></span><br>
<div><br>> Can you propose to go with KLIPS? Is it known to be compiling in RHEL5<br>> kernel?<br><br></div>redhat tends to push really recent kernels, but with rhel it might be<br>more stable then fedora, so it could work. I guess ideally we fix bug<br>
1004. The problem is that the wrong policy is injected in the kernel<br>(virtual ip instead of the real ip)<br><font color="#888888"><br>Paul<br></font></blockquote></div></div><br></blockquote></div><br>