[Openswan Users] Rekeying issue with Windows XP (SP2) & L2TP
Tarountaev Evgueni
tarountaev at aist.com
Wed Nov 3 10:13:52 CET 2004
I have found the problem.
These are some lines from my ipsec.conf:
conn roadwarrior-l2tp-updatedwin
    pfs=no
    leftprotoport=17/1701
    rightprotoport=17/1701
    also=roadwarrior

conn roadwarrior
    left=%defaultroute
    leftcert=/etc/ipsec.d/certs/ipsec-server.pem
    right=%any
    # rightsubnet=vhost:%no,%priv
    auto=add
rightsubnet=vhost:%no,%priv -- this line was added as described in Nate
Carlson's howto.
But it looks like this line confused pluto: while it starts the connection in
transport mode, it then tries to rekey in tunnel mode. The XP side
then hangs up.
When I added "type=transport" to roadwarrior-l2tp-updatedwin, I immediately
got an error message and commented out the rightsubnet line. After that the
connection was up all night.
Now I have to test how NATed clients will operate.
--
Evgueni
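
A lint for the misconfiguration described in the message above, as an added example that is not part of the original post or of Openswan: it flattens also= references and reports L2TP (17/1701) conns that end up carrying a subnet setting. The function names, the sample text (constructed from the post, with rightsubnet still active) and the also= precedence rule are assumptions.

```python
SAMPLE_CONF = """\
conn roadwarrior-l2tp-updatedwin
    leftprotoport=17/1701
    rightprotoport=17/1701
    also=roadwarrior
conn roadwarrior
    right=%any
    rightsubnet=vhost:%no,%priv
"""  # constructed from the post, with rightsubnet still active

def parse_conns(text):
    """Return {conn name: [(key, value), ...]} from ipsec.conf-style text."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if not raw[0].isspace():  # an unindented line starts a new section
            words = line.split()
            is_conn = words[0] == "conn" and len(words) > 1
            current = conns.setdefault(words[1], []) if is_conn else None
        elif current is not None and "=" in line:
            key, value = line.split("=", 1)
            current.append((key.strip(), value.strip()))
    return conns

def effective(conns, name, seen=()):
    """Flatten a conn through also= (assumed rule: the conn's own keys win)."""
    merged = {}
    if name in seen:  # guard against also= loops
        return merged
    for key, value in conns.get(name, []):
        if key == "also":
            for k, v in effective(conns, value, seen + (name,)).items():
                merged.setdefault(k, v)
        else:
            merged[key] = value
    return merged

def l2tp_subnet_findings(text):
    """List (conn, key, value) for L2TP (17/1701) conns that carry a subnet."""
    conns = parse_conns(text)
    findings = []
    for name in conns:
        eff = effective(conns, name)
        if "17/1701" not in (eff.get("leftprotoport"), eff.get("rightprotoport")):
            continue
        findings += [(name, k, eff[k]) for k in ("leftsubnet", "rightsubnet") if k in eff]
    return findings

if __name__ == "__main__":
    print(l2tp_subnet_findings(SAMPLE_CONF))
```
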