[Openswan Users] Trouble with L2TP and NAT traversal
Nels Lindquist
nlindq at maei.ca
Thu May 13 14:47:04 CEST 2004
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 13 May 2004 at 10:26, Jacco de Leeuw wrote:
> Are you sure that the NAT-T update has been installed on the Windows
> clients?
I *thought* I was sure, but now I'm not.
The "Advanced Networking Pack for Windows XP" is listed in Add/Remove
programs, but that isn't it, right?
I went to Windows Update, but L2TP/IPSEC Update is not listed under
recommended updates, and when I do an advanced search in the catalog
for article 818043, there are no results.
According to that KB article, the file version on Oakley.sys should
be 5.1.2600.1240 with a file date of 02-Jul-2003 13:36.
Mine is 5.1.2600.1106 with a file date of 29-Aug-2002 07:00.
Obviously, I *don't* have the NAT Traversal update installed, but it
doesn't appear on Windows Update anymore! Has Microsoft pulled it
again? Grr.
> IPsec passthrough has been disabled on the NAT device(s)?
What exactly does IPSEC passthrough refer to? My assumption would be
port-forwarding UDP 500 and protocols 50/51 to the NATted device,
which is definitely not happening.
> And nat_traversal is enabled on Openswan?
That's definitely enabled; "nat_traversal=yes" is set in the config
setup section of ipsec.conf.
- ----
Nels Lindquist <*>
Information Systems Manager
Morningstar Air Express Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
iD8DBQFAo9C3bxRqvNchgLQRAjQvAJ9ol9wb6QhANbNTqz91CSve2LDY7ACfZ6zk
oW1q58yMLnDAaM9VmPgOCtI=
=GzeR
-----END PGP SIGNATURE-----
More information about the Users
mailing list