[Openswan Users] Roadwarior problem (Windows XP behind NAT, VPN server on public IP)

Thu Jun 23 12:38:20 CEST 2005

Did you remember to apply the registry patch on your winxp box, to enable NAT-T?

The patch is only required for SP2 - you say you have the latest
Windows Update, so I assume you have SP2, so you will need the patch.

On 23/06/05, Andrej Trobentar <andrej.trobentar at rikom.si> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Jacco de Leeuw wrote:
> >
> > virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,
> > ~                %v4:192.168.0.0/16,%v4:!192.168.15.0/24
> >
> > You should change this to:
> >
> > virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,
> > ~                %v4:192.168.0.0/16,%v4:!192.168.0.0/24
> >
> > This means that all these addresses are allowed for the Road
> > Warrior's LAN IP address (e.g. 192.168.15.177 in your example)
> > *except* 192.168.0.0/24 because that particular range is reserved
> > for the VPN server's internal LAN.
> 
> Changed to the values you suggested, but I still can't connect. The
> connect session still dies at :
> 
> "roadwarior-l2tpd"[6] 193.2.211.10 #11: retransmitting in response to
> duplicate packet; already STATE_MAIN_R3
> "roadwarior-l2tpd"[6] 193.2.211.10 #11: retransmitting in response to
> duplicate packet; already STATE_MAIN_R3
> "roadwarior-l2tpd"[6] 193.2.211.10 #11: discarding duplicate packet --
> exhausted retransmission; already STATE_MAIN_R3
> 
> Any other ideas maybe?
> 
> - --
> Greetings,
> 
>         Andrej.
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQFCunfrVd/NU2yFfAoRAlhSAKCoejUUc7o/Eec8OYZduUgOyFEdUgCfRPvr
> oG8/v8wvmtazq25nvs05FG0=
> =BpY6
> -----END PGP SIGNATURE-----
> _______________________________________________
> Users mailing list
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> 

-- 
- Norman Rasmussen
 - Email: norman at rasmussen.co.za
 - Home page: http://norman.rasmussen.co.za/