[Openswan Users] L2TP on WindowsXP as client and Mandrake10 as server

Marius Sbera marius.sbera at gmail.com
Wed Jan 12 17:48:16 CET 2005


it seems that I advanced one step forward in the right direction.
I removed the line with leftsubnet and now I can see on the server
side that the connection is established. The problem now is that the
roadwarrior does not recognize that the connection was made. The
connection dialog stays there until the time out occurs. I'm using XP
with SP2. The message udp_encap_rcv(): Unhandled UDP encap type: 1 is
still there.
Any hints?

Thank you in advance!



On Wed, 12 Jan 2005 11:01:52 +0100, Jacco de Leeuw <jacco2 at dds.nl> wrote:
> Marius Sbera wrote:
> 
> > has anyone configured Openswan-2.2.0 with L2TP to work on Mandrake 10
> > with Shorewall firewall? I can access my server over simple IPsec but
> > not when using L2TP. Do I need to configure something else?
> 
> Is this Mandrake 10.0 or 10.1? It makes a difference for l2tpd because
> they removed legacy PTYs in 10.1.
> 
> > The error from auth.log is:
> > "roadwarrior-l2tp"[2] SERVER_REAL_IP #1: cannot respond to IPsec SA
> > request because no connection is known for ...
> >
> > but in messages log file I have:
> > kernel: udp_encap_rcv(): Unhandled UDP encap type: 1
> 
> Are you using NAT somewhere?
> 
> > config setup
> >     interfaces=%defaultroute
> >     nat_traversal=yes
> >     virtual_private=%v4:192.168.100.0/24
> >     klipsdebug=all
> >     plutodebug=all
> 
> You don't think you need to use these debug modes. The problem
> is not that lowlevel.
> 
> > conn roadwarrior-l2tp
> >     leftprotoport=17/0
> >     rightprotoport=17/1701
> >     left=SERVER_REAL_IP
> >     leftsubnet=192.168.100.0/24
> 
> Assuming your server is not NATed, remove the leftsubnet line.
> If you are using NAT, you need to use leftprotoport=17/1701 and
> install the NAT-T update Q818043 or SP2 on Windows XP.
> 
> Jacco
> --
> Jacco de Leeuw                         mailto:jacco2 at dds.nl
> Zaandam, The Netherlands           http://www.jacco2.dds.nl
>


More information about the Users mailing list