[Openswan Users] connection could not be established, client loop the request, both are NATed!

foren titze foren.titze at gmx.net
Thu Jul 7 13:29:23 CEST 2005 

Hello users,

here my problem:
The tunnel connection works but will never end. So when I try to establish my 
connection the request go into a loop.
You see, "IPsec SA established" and now L2tpd should overtake the connection 
and establish an ppp connect.
But it doesn't make this, what I have expected.

This happend since I tryied to push the VPN_server behind a NAT Firewall and 
connect them with a internal private IP and no longer with his external IP.

The Patch found on Jaccos Site für Nated Server is done.

So is there any solution?

thx ben


________________________________________________________
Jul  7 11:26:20 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: 
responding to Main Mode from unknown peer 80.226.251.120
Jul  7 11:26:20 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: 
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jul  7 11:26:21 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: 
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
Jul  7 11:26:21 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: 
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: Main 
mode peer ID is ID_DER_ASN1_DN: 'C=DE, '
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: I am 
sending my cert
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: 
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jul  7 11:26:22 linux-vpn2 pluto[5396]: | NAT-T: new mapping 
80.226.251.120:500/4500)
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #188: sent 
MR3, ISAKMP SA established
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #189: 
responding to Quick Mode {msgid:0cf30369}
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #189: 
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #176: 
received Delete SA payload: deleting ISAKMP State #176
Jul  7 11:26:22 linux-vpn2 pluto[5396]: packet from 80.226.251.120:4500: 
received and ignored informational message
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #189: 
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jul  7 11:26:22 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #189: IPsec 
SA established {ESP=>0x57e936c7 <0xb00d50d4 xfrm=3DES_0-HMAC_MD5 
NATD=80.226.251.120}
Jul  7 11:26:23 linux-vpn2 pluto[5396]: packet from 80.226.251.120:500: 
ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
Jul  7 11:26:23 linux-vpn2 pluto[5396]: packet from 80.226.251.120:500: 
ignoring Vendor ID payload [FRAGMENTATION]
Jul  7 11:26:23 linux-vpn2 pluto[5396]: packet from 80.226.251.120:500: 
received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] method set 
to=106 
Jul  7 11:26:23 linux-vpn2 pluto[5396]: packet from 80.226.251.120:500: 
ignoring Vendor ID payload [Vid-Initial-Contact]
Jul  7 11:26:23 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: 
responding to Main Mode from unknown peer 80.226.251.120
Jul  7 11:26:23 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: 
transition from state STATE_MAIN_R0 to state STATE_MAIN_R1
Jul  7 11:26:23 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: 
NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: both are NATed
Jul  7 11:26:23 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: 
transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
Jul  7 11:26:24 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: Main 
mode peer ID is ID_DER_ASN1_DN: 'C=DE, '
Jul  7 11:26:24 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: I am 
sending my cert
Jul  7 11:26:24 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: 
transition from state STATE_MAIN_R2 to state STATE_MAIN_R3
Jul  7 11:26:24 linux-vpn2 pluto[5396]: | NAT-T: new mapping 
80.226.251.120:500/4500)
Jul  7 11:26:24 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #190: sent 
MR3, ISAKMP SA established
Jul  7 11:26:24 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #191: 
responding to Quick Mode {msgid:c196d076}
Jul  7 11:26:24 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #191: 
transition from state STATE_QUICK_R0 to state STATE_QUICK_R1
Jul  7 11:26:24 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #178: 
received Delete SA payload: deleting ISAKMP State #178
Jul  7 11:26:24 linux-vpn2 pluto[5396]: packet from 80.226.251.120:4500: 
received and ignored informational message
Jul  7 11:26:25 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #191: 
transition from state STATE_QUICK_R1 to state STATE_QUICK_R2
Jul  7 11:26:25 linux-vpn2 pluto[5396]: "martin"[1] 80.226.251.120 #191: IPsec 
SA established {ESP=>0x9f97e175 <0x753f7bf6 xfrm=3DES_0-HMAC_MD5 
NATD=80.226.251.120}

More information about the Users mailing list