[Openswan Users] Roadwarrior L2TP connection drops after 2hours, openswan <=> XPSP2

Jacco de Leeuw jacco2 at dds.nl
Sat Jan 29 23:35:48 CET 2005


Ronald Moesbergen schreef:

>>>no IKE algorithms for this connection 
>>>NAT-Traversal: Only 0 NAT-D - Aborting NAT-Traversal negociation
> 
>>I suspect the problem starts here. Do you get the same problem when you
>>disable AES and/or the XP SP2 is not behind NAT? Is there a chance that
>>you can disable XAUTH for two hours and see if that solves the problem?
> 
> 
> I think I was a little unclear: the XP clients are not using XAUTH,
> just NAT-T.

That was clear to me because the built-in XP client does not support XAUTH.
I was wondering if the XAUTH on Openswan was interfering with the XP
roadwarrior connection.

It's none of my business but why are you using XAUTH for the Openswan-Cisco
connection? Neither are road warriors, right? Certificates on both sides
should be more secure.

> At the moment I don't have access to a directly connected XPSP2 machine,
> so I can't test without NAT, sorry.

Perhaps the DSL modem can be switched to bridge mode for two hours.
(Don't forget to enable Windows Firewall in SP2 :-).

> Thanks for your reply, I'll let you know the outcome.

Did the developers indicate what part could be at fault?

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list