[Openswan Users] Error IPsec/L2tp connection

Rodrigo nobregasz at yahoo.com.br
Tue Mar 29 00:04:16 CEST 2005

Tks for ur help Jacco.

i was losting my mind.. so... im find a way more secure then x509 to 
autentication. Im thinking l2tp (to use user+pass) or smartcards..

ill whait for openswan 2.3.1

sory for my english.

tks again


> rodrigo nobrega wrote:
>> i have a ipsec connection working and im trying setup
>> a L2tp/ipsec connection behind NAT.
> So the L2TP/IPsec server is NATed? This is not supported yet.
> You may have to wait for Openswan 2.3.1. There is however a
> patch by Bernd Galonska. See also:
> http://lists.openswan.org/pipermail/users/2005-March/004107.html
>> when i ping 10.x.x.x using MM ipsec tools all work
>> fine but, when i do ipsec -off and use l2tp/ipsec
>> connection from winxp i dont have response.
> If you have been using Marcus Mueller's IPSEC.EXE tool,
> you may have disabled the automatic L2TP/IPsec policy.
> See:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;q310109
> to re-enable it.
>> Where i can see l2tp logs??
> They are in /var/log/messages. I have no idea where you can find
> L2TP logs on Windows clients. For enabling PPP logging, see:
> http://support.microsoft.com/default.aspx?scid=kb;en-us;234014
>> virtual_private=%v4:,%v4:,%v4:
> Perhaps you need to exclude your internal subnet here? I.e. add:
> ... , %v:!192.168.x.0/24
>> Mar 28 10:21:49 vpn pluto[3343]: "roadwarrior-net"[2]
>> #1: cannot respond to IPsec SA request
>> conn roadwarrior-net
>> leftsubnet=
>> also=roadwarrior
> I don't know why it wants to use this particular connection.
> If it is interfering you should disable it.
> Jacco

More information about the Users mailing list