[Openswan Users] no l2tp traffic with NATed client
Norman Rasmussen
normanr at gmail.com
Fri May 27 16:47:07 CEST 2005
Are the ipsec and l2tp daemons running on different machines?
On 27/05/05, Neil Ballantyne <Neil at liquide.uk.com> wrote:
> For ref, the rule I'm using to forward traffic in to the l2tp server is:
>
> iptables -t nat -A PREROUTING -i eth0 -p udp --sport 1701 --dport 1701 -j DNAT --to-destination xxx.xxx.xxx.xxx
>
> --
> neil
>
> > -----Original Message-----
> > From: Norman Rasmussen [mailto:normanr at gmail.com]
> > Sent: 27 May 2005 12:56
> > To: Neil Ballantyne
> > Subject: Re: [Openswan Users] no l2tp traffic with NATed client
> >
> > If you stop the l2tp server, and have something like netcat
> > listen in verbose mode, do you see a connection attempt? An
> > alternative is to run tcpdump to watch for l2tp packets.
> >
> > On 27/05/05, Neil Ballantyne <Neil at liquide.uk.com> wrote:
> > >
> > > > Sounds like the same issues I'm having
> > > > http://norman.rasmussen.org/79/ipsuccess-for-a-short-while/
> > > >
> > > > To make the connection you'll need to apply at least one patch, but
> > > > the connection only lasts until the first rekey.
> > >
> > > Have applied the patch to the 2.3.0-2 package as above, but no
> > > change. SA still created but no l2tp.
> > >
> > > --
> > > neil
> > >
> >
> >
> > --
> > - Norman Rasmussen
> > - Email: norman at rasmussen.org
> > - Home page: http://norman.rasmussen.org/
> >
>
--
- Norman Rasmussen
- Email: norman at rasmussen.org
- Home page: http://norman.rasmussen.org/
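The listener check suggested in the quoted reply (stop the l2tp server and watch UDP 1701 for a connection attempt) can also decode what arrives. The following is an added example, not part of the original thread; it assumes L2TPv2 framing as defined in RFC 2661, and the function names are illustrative.

```python
import socket
import struct

# L2TPv2 control message types (RFC 2661, section 3.2)
MSG_TYPES = {1: "SCCRQ", 2: "SCCRP", 3: "SCCCN", 4: "StopCCN", 6: "HELLO"}

def describe_l2tp(data: bytes) -> str:
    """Summarise one UDP payload as an L2TPv2 header, or say why it is not one."""
    if len(data) < 6:
        return "too short for L2TP"
    (flags,) = struct.unpack_from("!H", data, 0)
    if flags & 0x000F != 2:
        return f"not L2TPv2 (version {flags & 0x000F})"
    off = 2
    if flags & 0x4000:            # L bit: 16-bit Length field present
        off += 2
    if len(data) < off + 4:
        return "truncated L2TP header"
    tunnel, session = struct.unpack_from("!HH", data, off)
    off += 4
    if not flags & 0x8000:        # T bit clear: data message (PPP payload)
        return f"data tunnel={tunnel} session={session}"
    if flags & 0x0800:            # S bit: Ns/Nr sequence numbers present
        off += 4
    if len(data) < off + 8:       # control message with no AVPs is a ZLB ack
        return f"control ZLB tunnel={tunnel} session={session}"
    # First AVP: flags+length, vendor ID, attribute type, 16-bit value
    _, vendor, attr, value = struct.unpack_from("!HHHH", data, off)
    if vendor == 0 and attr == 0:  # Message Type AVP
        name = MSG_TYPES.get(value, f"type {value}")
    else:
        name = "unknown"
    return f"control {name} tunnel={tunnel} session={session}"

def listen(bind_addr: str = "0.0.0.0", port: int = 1701) -> None:
    """Bind the L2TP port (the l2tp daemon must be stopped) and log arrivals."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind((bind_addr, port))
        while True:
            data, (src, sport) = s.recvfrom(4096)
            print(f"{src}:{sport} -> {describe_l2tp(data)}")

if __name__ == "__main__":
    listen()
```

A line reporting `control SCCRQ` means the client's tunnel request reached the host; the printed source address and port show how the packet looked on arrival.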