[Openswan Users] WinXP SP2 Installation breaks x.509 ipsec functionality

Dieter Kastrau kastrau at forsec.de
Thu Oct 14 17:15:22 CEST 2004

Dear all,

I searched this list and other related ones,
but found no solution:

with winxp sp1 and Marcus Muellers ipsec tool,
I had a perfectly working VPN/ipsec roadwarrior connection to openswan.

after installing winxp sp2 (and changing nothing else),
my simple winxp roadwarrior<-> openswan configuration (no NAT-T)
stops working.(A friend of mine could reproduce this sp2 problem)

with sp2, I just get to this point:
Oct 14 15:00:43 pois2 pluto[12889]: "test"[1] #1: sent MR3, ISAKMP SA established

and udp port 500 packets are flowing. last packet comes from the openswan side,
then no more replies from winxp sp2...
Nothing else happens, no esp packets and no IPSEC SA established.

Like some people suggested,
I disabled winxp sp2 firewall=> still the same problem.

Has anyone heard of similar problems?

I am really clueless at the moment :-[

Thanks a lot

More information about the Users mailing list