[Openswan Users] Roadwarrior L2TP connection drops after 2 hours, openswan <=> XPSP2

Jacco de Leeuw jacco2 at dds.nl
Sat Jan 29 17:59:39 CET 2005

Ronald Moesbergen wrote:

> I'm using openswan 2.3.0, kernel 2.6.10 with NETKEY for our company to
> support roadwarriors with XP SP2 machines calling into our network with
> L2TP using certificates (rp-lt2pd). Everything works great, connection
> is ok, but after 2 hours of use the connection is suddenly lost. I heard
> there were some problems with 2.3.0, but we have a customer with a cisco
> 3000 that only accepts XAUTH, so I must use version 2.3.0.

I have not yet tested such a setup myself. Unfortunately I don't have time
at the moment.

> no IKE algorithms for this connection 
> NAT-Traversal: Only 0 NAT-D - Aborting NAT-Traversal negociation

I suspect the problem starts here. Do you get the same problem when you
disable AES and/or the XP SP2 is not behind NAT? Is there a chance that
you can disable XAUTH for two hours and see if that solves the problem?

The "negociation" line probably comes from Mathieu Lafon's NAT-T code
because in English the correct word is "negotiation".

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list