[Openswan Users] "ISAKMP SA established" BUT "state transition
function for STATE_QUICK_R0 failed"
Jacco de Leeuw
jacco2 at dds.nl
Tue Jul 12 11:54:01 CEST 2005
wjt_eric <wjt_eric at 163.com>:
> I got a problem when try to init a L2TP_over_IPsec tunnel between WindowsXP
> &linux VPN gateway.
You don't need Pluto debug, leftsubnet and type. Nat_traversal is also set
to yes but your configuration for NAT-T is incomplete so don't expect it to
work at this stage. Here is a fixed version of your ipsec.conf.
config setup
#klipsdebug=none
plutodebug="none"
nat_traversal=yes
conn L2TP-PSK
#use a preshared key
#disable PFS for windows client
authby=secret
pfs=no
#
#left means local
left=192.168.10.152
leftprotoport=17/0
#
#remote user: %any for dyn ip
right=%any
rightprotoport=17/1701
I would also recommend the NAT-T update Q818034 or XP SP2 and
leftprotoport=17/1701 if you want to use NAT-T.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list