[Openswan Users] Problem with connection road

[Salvatore Basso]

Hi and thanks for your aid !

> What error message exactly?

..Connection to 4.5.6.7
Error 792: Try to connection L2TP not succeed. Time worn out for protection negotiation

... sorry for my translate !! :)

> > $IPTABLES -A OUTPUT  -o eth0 -p udp  --destination-port 1701 
> > $IPTABLES -A INPUT  -i eth0 -p udp  --destination-port 1701 
> 
> I don't think you should allow L2TP in when it is not protected by IPsec.

..therefore I can then not use ?? are you useless ??
 
> > Jul 20 13:01:45 IPsec SA established {ESP=>0xb605f628 <0x8f49ca0d}
> 
> Seems to be going OK. Perhaps you should check the l2tpd log and/or
> the Windows PPP log? Or post your ipsec.conf if there is a routing
> problem?
> 

with tcpdump i view the l2tp traffic on my ip pubblic !

..post my ipsec.conf !

version     2.0



# basic configuration
config setup
 # eth0 e' l'int pub del fw
      interfaces="ipsec0=eth0"

      nat_traversal=yes
# default configuration
conn %default
      authby=rsasig
# Add connections here.
#my connection
conn Luca
    auto=ignore
    pfs=yes
 #--------
 #sede A uff left (locale)
       left=4.5.6.7
       leftsubnet=10.0.0.0/24
       leftnexthop=4.5.6.6
       leftid=@domain.com
       leftrsasigkey=0sAQPZ3ShGhsY1UVuJG18
 #
 #--------
 #sede B luca right (remoto)
       right=1.2.3.4
       rightsubnet=192.168.0.0/24
       rightnexthop=1.2.3.3
       rightid=@bla.com

 #---------
conn left-road
    auto=start
    authby=secret
    pfs=no
    type=transport
 #--------
 #sede A uff left (locale)
 #left indica ip pub della eth0 sul fw
         left=4.5.6.7
         leftnexthop=4.5.6.6
         leftprotoport=17/1701
 #
 #--------
 #sede B luca right (remoto)
 #right indica lip pub della eth0 sul fw
      right=%any
      rightprotoport=17/1701


thanks.

----------
        
        Salvatore.

---
[This E-mail scanned for viruses by Declude Virus]