[Openswan Users] Error IPsec/L2tp connection
Jacco de Leeuw
jacco2 at dds.nl
Tue Mar 29 00:07:42 CEST 2005
rodrigo nobrega wrote:
> i have a ipsec connection working and im trying setup
> a L2tp/ipsec connection behind NAT.
So the L2TP/IPsec server is NATed? This is not supported yet.
You may have to wait for Openswan 2.3.1. There is however a
patch by Bernd Galonska. See also:
http://lists.openswan.org/pipermail/users/2005-March/004107.html
> when i ping 10.x.x.x using MM ipsec tools all work
> fine but, when i do ipsec -off and use l2tp/ipsec
> connection from winxp i dont have response.
If you have been using Marcus Mueller's IPSEC.EXE tool,
you may have disabled the automatic L2TP/IPsec policy.
See:
http://support.microsoft.com/default.aspx?scid=kb;en-us;q310109
to re-enable it.
> Where i can see l2tp logs??
They are in /var/log/messages. I have no idea where you can find
L2TP logs on Windows clients. For enabling PPP logging, see:
http://support.microsoft.com/default.aspx?scid=kb;en-us;234014
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
Perhaps you need to exclude your internal subnet here? I.e. add:
... , %v:!192.168.x.0/24
> Mar 28 10:21:49 vpn pluto[3343]: "roadwarrior-net"[2]
> 200.241.203.69 #1: cannot respond to IPsec SA request
> conn roadwarrior-net
> leftsubnet=10.0.0.0/255.0.0.0
> also=roadwarrior
I don't know why it wants to use this particular connection.
If it is interfering you should disable it.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list