[Openswan Users] Opwenswan and L2TP Problem !
Jacco de Leeuw
jacco2 at dds.nl
Tue Jun 7 00:48:21 CEST 2005
Stanislav Nedelchev wrote:
> l2tpd-0.70-pre20031121.orig
> with this patch
> l2tpd_0.70-pre20031121-2.diff
Looks like the Debian version. Are you using Debian? What kernel
are you using? What version of Openswan? What do Openswan's startup
messages say?
>> If you are using KLIPS you cannot use NAT-T with a PSK (as far as I know).
> But one peer is not NAT-ed.
Ah, I see. It was not clear to me that you tried twice with and without NAT.
> conn roadwarrior
> authby=secret
> right=%any
Is this supported by KLIPS nowadays? What if you use the IP address of
the client here? (And also change the IP address in ipsec.secrets).
> This is the log file for peet that is not NAT-ed
>
> Jun 6 22:15:44 fw l2tpd[21242]: control_xmit: Unable to deliver closing
> message for tunnel 33619. Destroying anyway.
Did you clear rp_filter?
echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
If all else fails you can send me your (compressed) ipsec barf, or you
can upload it somewhere for anyone to investigate.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list