[Openswan Users] Opwenswan and L2TP Problem !

Stanislav Nedelchev stanislav.nedelchev at gmail.com
Tue Jun 7 02:23:23 CEST 2005

Hash: SHA1

Linux fw 2.4.29 #7 Mon Apr 4 17:52:13 EEST 2005 i686 unknown

5 18:45:17 fw pluto[1296]: Starting Pluto (Openswan Version 1.0.9)

i'm using slackware on this mashine .

At my home with same configuration
i can conect from my work but at home i'm using
openswan 2.2 and gentoo with kernel 2.6.11
interesting is that is have
interfaces="ipsec0=eth0" in my ipsec.conf
but there is no added ipsec0 interface
is it some reason for that ?

Jacco de Leeuw wrote:
> Stanislav Nedelchev wrote:
>> l2tpd-0.70-pre20031121.orig
>> with this patch
>> l2tpd_0.70-pre20031121-2.diff
> Looks like the Debian version. Are you using Debian? What kernel
> are you using? What version of Openswan? What do Openswan's startup
> messages say?
>>> If you are using KLIPS you cannot use NAT-T with a PSK (as far as I
>>> know).
>> But one peer is not NAT-ed.
> Ah, I see. It was not clear to me that you tried twice with and without
> NAT.
>> conn roadwarrior
>>        authby=secret
>>        right=%any
> Is this supported by KLIPS nowadays? What if you use the IP address of
> the client here? (And also change the IP address in ipsec.secrets).
>> This is the log file for peet that is not NAT-ed
>> Jun  6 22:15:44 fw l2tpd[21242]: control_xmit: Unable to deliver closing
>> message for tunnel 33619. Destroying anyway.
> Did you clear rp_filter?
> echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter
> If all else fails you can send me your (compressed) ipsec barf, or you
> can upload it somewhere for anyone to investigate.
> Jacco

Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org


More information about the Users mailing list