[Openswan Users] KLIPS 2.4.2dr1 is broken with NAT-T

Marco Berizzi pupilla at hotmail.com
Fri Oct 14 12:25:15 CEST 2005


Ok. I found the problem.
KLIPS 2.4.2dr1 is broken when NAT-T is enabled in ipsec.conf
ipsec barf is attached. KLIPS & Pluto debug were set to all.

Any response are welcome.

Marco Berizzi wrote:

>I'm reposting because previous message was tagged as
>spam.
>Sorry.
>
>Marco Berizzi wrote:
>
> > Hello everybody.
> > I have a problem with klips 2.4.2dr1 with linux 2.4.31
> > The problem isn't related to userland tools version,
> > only KLIPS version.
> > Our ISP router is configured with some kind of QoS to
> > give priority to VoIP traffic. This QoS is implemented
> > on source IP packet. I have no control over this router.
> > Briefly: KLIPS 2.3.1 is working ok. KLIPS 2.4.2dr1:
> > connections are frozen in Phase 1.
> >
> > Is there any packet format/flow change between KLIPS
> > 2.3.1 and KLIPS 2.4.2dr1?
> >
> > Running KLIPS 2.3.1 + userland 2.4.2dr1 are fine.
>
>See attach for /var/log/secure
>plutodebug is set to control.
>This log was written by OSW 2.4.2dr1 (both KLIPS and
>pluto) on linux 2.4.31. KLIPS is patched with NAT-T.
>

-------------- next part --------------
A non-text attachment was scrubbed...
Name: barf.bz2
Type: application/octet-stream
Size: 25912 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20051014/2554afde/barf-0001.obj


More information about the Users mailing list