[Openswan Users] "IPsec SA established" but ESP onlt in one
direction
Jacco de Leeuw
jacco2 at dds.nl
Thu Aug 26 19:38:32 CEST 2004
perr wrote:
> I configured Openswan on debian linux.
> Access is through certificates for L2TP over IPsec.
> NAT'ting router
> In this case I see again "IPsec SA established", but ESP packets flow only from
> the NAT'ting router public address to VPN gateway public address, and no packet
> go to the opposite direction!!!!
>
> l2tpd DOES NOT any log, as if incoming packets were discarded.
Are you using the 26sec backport in Debian? I could not get l2tpd to
work with 26sec on kernel 2.6 when there was NAT involved. I don't
know yet what is going on. Reportedly, rp-l2tp does not have this
problem.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list