[Openswan Users] L2TP/IPsec problem
Nico Schmoigl
mailinglisten at schmoigl-online.de
Sun Aug 28 13:30:13 CEST 2005
Hi list members,
> Please note, that it is only 484 bytes long (with header 518 bytes).
> The log of the windows client there says that it tried to sent that
> 1956 bytes packet. Naturally, pluto does not get to know anything
> about the contents of this packet. Therefore the log does not show
> anything. And another strange thing: I only recieve this single IP
> fragment - not two or three (3x484 is the first number which would be
> larger than 1956). Could this be related to the fact, that the later
> packets do not have an IP Header and therefore get discarded by the
> sniffing program?
Here's a short update on the current progress on my problem:
I managed to get the connection working. I created another key (with
certificates) that doesn't have that much X509 tags inside the
certificate. However, the len of the packet in question still is 1956
(no change here!). My assumption therefor goes into two directions: Either
* the packet is filled with garbage information although the real
data is within the first x bytes which don't get truncated by
fragmentation, or
* in my old certificate (which was created by PHPki) there is some
field set, that OAKLEY doesn't like.
Are there any X509 experts around to whom I could send the certificate
and try to track down at least my second assumption? Thanks, guys!
73
Nico
More information about the Users
mailing list