[Openswan Users] no connection is known for...
Jacco de Leeuw
jacco2 at dds.nl
Mon May 24 23:38:07 CEST 2004
Mark Frost wrote:
> In any case, my l2tpd.conf file does have only local private network
> addresses in it -- i.e. 172.16.*.* :
Oops, sorry about this. I overlooked the start of this thread where
you mention this. You're right, your l2tpd.conf is not the problem.
The problem is NAT.
I must admit that I have not yet tested NAT-T with Openswan but after
a bit of bad luck (fried disk) I finally got a test setup in place.
I hope to have a go at it soon.
> conn %default
>     compress=yes
Should be disabled. Windows does not support IPsec compression.
>     #
>     # The remote user.
>     #
>     right=%any
>     rightrsasigkey=%cert
>     rightcert=/etc/ipsec.d/certs/mfrost99.pem
>     rightsubnet=192.168.1.0/24
>     rightprotoport=17/1701
> May 24 15:07:26 outpost pluto[7275]: "L2TP-CERT"[1] 24.45.15.131:4500
> #2: cannot respond to IPsec SA request because no connection is known
> for <OpenSwan_GW_IP>:4500[ ..OpenSwan_GW_DN..
> ,S=C]:17/1701...24.45.15.131:4500[ ..WinXP_Client_DN ..]:17/1701
Hm, this should have been the correct configuration. Are you sure the
Linksys is not doing IPsec passthrough? It should be disabled.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl