[Openswan Users] L2TP on WindowsXP as client and Mandrake10 as server

Jacco de Leeuw jacco2 at dds.nl
Wed Jan 12 11:01:52 CET 2005

Marius Sbera wrote:

> has anyone configured Openswan-2.2.0 with L2TP to work on Mandrake 10
> with Shorewall firewall? I can access my server over simple IPsec but
> not when using L2TP. Do I need to configure something else?

Is this Mandrake 10.0 or 10.1? It makes a difference for l2tpd because
they removed legacy PTYs in 10.1.

> The error from auth.log is:
> "roadwarrior-l2tp"[2] SERVER_REAL_IP #1: cannot respond to IPsec SA
> request because no connection is known for ...
> but in messages log file I have:
> kernel: udp_encap_rcv(): Unhandled UDP encap type: 1

Are you using NAT somewhere?

> config setup
>     interfaces=%defaultroute
>     nat_traversal=yes
>     virtual_private=%v4:
>     klipsdebug=all
>     plutodebug=all

You don't think you need to use these debug modes. The problem
is not that lowlevel.

> conn roadwarrior-l2tp
>     leftprotoport=17/0
>     rightprotoport=17/1701
>     left=SERVER_REAL_IP
>     leftsubnet=

Assuming your server is not NATed, remove the leftsubnet line.
If you are using NAT, you need to use leftprotoport=17/1701 and
install the NAT-T update Q818043 or SP2 on Windows XP.

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list