[Openswan Users] Connectivity problem...
Jacco de Leeuw
jacco2 at dds.nl
Fri Sep 2 18:45:31 CEST 2005
Yiannis Mavroukakis wrote:
> Aug 31 00:27:45 firewall pluto[4323]: "roadwarrior-l2tp"[1] 83.x.x.241
> #1: NAT-Traversal: Result using draft-ietf-ipsec-nat-t-ike-02/03: peer
> is NATed
> Aug 31 00:27:46 firewall pluto[4323]: "roadwarrior-l2tp"[2] 83.x.x.241
> #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established {auth=OAKLEY_RSA_SIG
> cipher=oakley_3des_cbc_192 prf=oakley_sha group=modp2048}
> Aug 31 00:27:46 firewall pluto[4323]: ERROR: "roadwarrior-l2tp"[2]
> 83.x.x.241 #2: netlink write() of XFRM_MSG_ALLOCSPI message for Get SPI
> esp.0 at 217.x.x.83 failed. Errno 111: Connection refused
What do you see if the client is not NATed? For instance, you can switch to
analog dial-up or temporarily remove the NAT router in front of the client.
Just a quick check to see if it is NAT that is causing the problem.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list