[Openswan Users] Quick Mode I1 message is unacceptable
jacco2 at dds.nl
jacco2 at dds.nl
Fri Mar 26 23:00:04 CET 2004
Sergio Simone wrote:
> I've just set up Openswan 2.1.1.
> I need it to do l2tp over ipsec for win2k/XP roadwarriors.
> This is what i'm seeing in the log when I attempt a connection from the
> win2k client:
>
> 10.10.10.214:4500 #2: NAT-Traversal: Transport mode disabled due to
> security concerns
NAT-T with L2TP over IPsec in Transport Mode is currently experimental. By default
it is disabled in the Makefile. It has to be explicitly enabled:
http://www.jacco2.dds.nl/networking/super-freeswan-ignoreTransportmodeNAT-risk.patch
For more information see:
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#NAT
Jacco
More information about the Users
mailing list