[Openswan Users] WinXp <-> Openswan....getting there but no cigar

[Jerome Kaidor]

Hi folks,

   With the help of good advice from people on this forum, my project to 
connect my Windows XP roadwarrier to my Linux box with Openswan is moving
right along.  Google has been a big help too :).

   At this point, the SA seems to be set up:

Jun 10 15:50:10 tr4 pluto[1739]: "wintwok"[10] 67.118.246.207 #19: IPsec SA
             established {ESP=>0x19dc93d9 <0x74366f5b xfrm=3DES_0-HMAC_MD5}

But then WinXP pops up a window that says:  
   "Error 651: The modem (or other connecting device) has reported an error."

..And round about this time - assumably after the Error 651 - the the Windows
machine tells the Linux box to tear down the IPSEC SA:

Jun 10 15:50:10 tr4 pluto[1739]: "wintwok"[10] 67.118.246.207 #18: received Delete SA(0x19dc93d9) payload: deleting IPSEC State #19
Jun 10 15:50:10 tr4 pluto[1739]: "wintwok"[10] 67.118.246.207 #18: received and ignored informational message
Jun 10 15:50:10 tr4 pluto[1739]: "wintwok"[10] 67.118.246.207 #18: received Delete SA payload: deleting ISAKMP State #18
Jun 10 15:50:10 tr4 pluto[1739]: "wintwok"[10] 67.118.246.207: deleting connection "wintwok" instance with peer 67.118.246.207 {isakmp=#0/ipsec=#0}
Jun 10 15:50:10 tr4 pluto[1739]: packet from 67.118.246.207:500: received and ignored informational message

..and that's all she wrote!

    I suspect that the ball is now in the court of l2tpd and pppd.  Since
I've never run PPP on this server, I suppose that's all screwed up.

   One thing that confuses me:  Windows XP asks for a user name and password
in the "Connect" popup.  What software does this refer to?  It's not IPSEC,
because the SA is successfully set up without inputting either of these things.
The l2tpd-secrets file just has a password for a pair of machines, not a user
name.   

   And it shouldn't need a Unix username/password to set up a tunneled IP
connection.  Huh?

                          - Jerry Kaidor ( jerry at tr2.com )