[Openswan Users] Certificate exchange but no l2tp
Jacco de Leeuw
jacco2 at dds.nl
Tue May 17 12:06:48 CEST 2005
Oliver Tomkins wrote:
> However, tcpdump doesn't show any of the packets being rewritten to the
> l2tp machine and our firewall counters don't show any packets coming
> through there. The client then kills the tunnel as it is expecting l2tp
> as well as the tunnel.
Here are some suggestions:
- There is a Howto by Martin Koeppe about such a setup:
http://koeppe-net.de/l2tp-howto.txt
It could use a bit of an update but you'll probably get the gist of it.
- NAT forwarding after IPsec currently does not work on 26sec, but there
are experimental ipsec hook netfilter patches by Patrick McHardy.
- Are you using leftnexthop= on the IPsec server?
- Running tcpdump on the VPN server itself is not entirely reliable
when 26sec is used. A separate system for sniffing packets is better.
- Do L2TP packets arrive at the L2TP server at all? Does it send
responses back? Does it have a default route to the IPsec server?
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl