[Openswan Users] Road warrior issue
Thiago Campos
tmclistas at uol.com.br
Thu Sep 1 13:27:42 CEST 2005
Paul,
Thanks for your help.
On my Fedora 3 the Kernel is 2.6.9-1.667 and openswan-2.3.1-1
You mean i have to install openswan-klips, right?
At the openswan ftp i found openswan-klips-2.3.1-2.6.10_1.770_FC3_1.i386.rpm
can i use it or i have to upgrade my kernel before?
By the way what are the lines to enable nat_traversal and
virtual_privatein?
Thanks a lot
Thiago
----- Original Message -----
From: "Paul Wouters" <paul at xelerance.com>
To: "Thiago Campos" <tmclistas at uol.com.br>
Cc: <users at openswan.org>
Sent: Wednesday, August 31, 2005 11:05 PM
Subject: Re: [Openswan Users] Road warrior issue
> On Wed, 31 Aug 2005, Thiago Campos wrote:
>
>> Now i got a different error
>>
>> Aug 31 19:03:33 beetle pluto[10948]: packet from 192.168.0.11:500:
>> ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY 00000004]
>> Aug 31 19:03:33 beetle pluto[10948]: packet from 192.168.0.11:500:
>> ignoring Vendor ID payload [FRAGMENTATION]
>> Aug 31 19:03:33 beetle pluto[10948]: packet from 192.168.0.11:500:
>> received Vendor ID payload [draft-ietf-ipsec-nat-t-ike-02_n] meth=106,
>> but port floating is off
>
> You do not have NAT-T support. Either you kernel does not support it, or
> you do not have the nat_traversal= and virtual_private lines in config
> setup.
>
>> Aug 31 19:03:34 beetle pluto[10948]: "t4wroad" #2: cannot respond to
>> IPsec SA request because no connection is known for
>> 192.168.0.2:17/1701...192.168.0.11:17/1701
>
> This is the result, because nat is rejected.
>
> Paul
More information about the Users
mailing list