[Openswan Users] OpenSwan 2.2 vs XP roadwarrior didn't work
Paul Wouters
paul at xelerance.com
Fri Aug 12 16:34:26 CEST 2005
On Thu, 11 Aug 2005, Guenter.Sprakties at team4.de wrote:
> I've got some trouble to get OpenSwan to work in an XP Roadwarrior
> environment.
> config setup
> interfaces=%defaultroute
> klipsdebug=none
> plutodebug=none
You do not have nat_traversal=yes. With XP roadwarriors that is often
needed (though perhaps not yet in your test scenario)
> Aug 11 09:52:24 t4ac00 pluto[6651]: "x509-net-roadwarrior"[2]
> 62.246.73.238 #2: IPsec SA established {ESP=>0x8fda5747 <0x7c91c54b}
>
> Everything looks fine, SA established, so I try to ping a machine behind
> the Gateway. Here's the icmp logging of the INPUT, OUTPUT and FORWARD
> chain, eth0 ist 212.., eth2 is 192.168.2.1:
Check 'ipsec verify' to see if you enabled IP forwarding and that no NAT
rules are breaking your ipsec packets. Check that rp_filter is disabled.
Paul
More information about the Users
mailing list