[Openswan Users] L2TP/IPsec problem

Jacco de Leeuw jacco2 at dds.nl
Fri Aug 26 19:21:19 CEST 2005


Nico Schmoigl wrote:

>     nat_traversal=yes
>     virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16

The internal subnet needs to be excluded here.

>     plutodebug=all
>     overridemtu=1500

You could try a lower MTU here, say 1400 or so.

> Running a freeswan 2.04 with x509-1.7.0 patch.

Any particular reason you want to stick with FreeS/WAN? Essentially it's
dead now. Most people have upgraded to either Openswan or Strongwan.

> conn L2TP-conn-old
> leftprotoport=17/0

You could install the NAT-T update on the Windows 2000 client. Not that
you need the NAT-T support but sometimes Microsoft secretly fixes other
things as well.

I for one haven't used non-updated clients for quite a while now.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list