[Openswan Users] Openswan/L2TP Windows Roadwarrier setup

Eric Anderson eric at afaik.us
Tue Aug 3 10:11:13 CEST 2004


Jacco de Leeuw wrote:
> There are also commercial L2TP/IPsec offerings:
> http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#ServerswithL2TPIPsec

I was hoping not to have to resort to commercial software. It looked 
like the Linux software was fairly robust and tested. Are you saying it 
is not ready for prime time yet?

> And there are alternatives such as PPTP and plain IPsec.

Plain IPSec is not a option because it has to work with the Windows 
Client out-of-the-box (no downloads). I may switch to PPTP if IPSec on 
Linux isn't stable enough to be used in an enterprise environment, but I 
have heard negative things about PPTP and was hoping that IPSec could be 
used.

> cvs2002? But 2.1.4 is the current version. Odd...
> 
>  > Jul 29 17:18:48 nogo pluto[15983]: "L2TP-PSK-orgWIN2KXP"[2] 65.6.P.Q #2:
>  > cannot respond to IPsec SA request because no connection is known for
>  > 
> 65.83.X.Y[S=C]:17/0...65.6.P.Q[192.168.0.111,S=C]:17/1701===192.168.0.111/32 
> 
> 
>> The remote client is sitting behind NAT so it's actual address is 
>> 192.168.0.111
> 
> 
> The NAT is the problem.

I thought the NAT-T patch was for when the server was behind a NAT, not 
the client. Is that incorrect? That was my understandings from the docs.

Thank you greatly for your help,

Eric



More information about the Users mailing list