[Openswan Users] ignoring Vendor ID payload [FRAGMENTATION]

Norbert Wegener nw at sbs.de
Fri Aug 5 16:59:37 CEST 2005


Sometimes, not predictable, I get the following message on the server:
ignoring Vendor ID payload [FRAGMENTATION]

When this message appears, no connection comes up.
The clients can restart as often as they wnat, but  do not get a 
connection up.
Sometime later, the client then usually has another ipaddress, without 
having chaged anything neither on the client nor on the server side,
the connection comes up.
As the subject [FRAGMENTATION] suggests, this may have to do with the 
connection and with mtu issues.
Is this the correct assumption?

This happens with all recent versions of openswan on a Suse9.2 
vpngateway with kernel2.6.8.
This happens with clients, when they have a direct connection and with 
natted connections.
The clients use x509 certificates and are more or less all win xp systems.
What is the best way to deal with that kind of  problem?

Norbert






More information about the Users mailing list