[Openswan Users] Cannot connect XP SP2 roadwarrior to server - any known issues?

Marcus Blomenkamp mblomenk at gmx.de
Fri Sep 17 11:58:27 CEST 2004

Am Donnerstag, 16. September 2004 22:47 schrieb Nate Carlson:
> Have you tried disabling the SP2 firewall?

Thanks, that did the trick.

Before fiddling with IPSec i already re-enabled ICMP messages. However having 
the SP2 firewall disabled completely gives me a strange mood, not from a 
security point of view but as a matter of principle. 

Now i have to find the exact switch to get this thing running. Tcpdump shows 
ESP packets and a few control packets (ARP etc) only - just as expected. 
Windows Firewall GUI is centered around giving applications or system access 
to TCP or UDP ports. I'm stuck here :(

> I have done tests with L2TP-over-IPsec with SP2 with the firewall turned
> on, and it worked fine, but that doesn't mean normal IPSec will also work
> fine.  :)

This is on my TODO list as it allows me to model the routing more sensible. 
Currently my roadwarriors cannot contact their sibling machines in the same 
subnet directly because of tunnel policies preceding transport policies.


More information about the Users mailing list