[Openswan Users] UDP: Bad checksum

Lars Bakker lars_bakker at gmx.de
Tue Sep 20 16:48:00 CEST 2005


> Could be an MTU problem or a NAT router trying to be 'helpful' by
> doing IPsec passthrough.
> 
> Can you confirm that the problem does not occur when there is no NAT?
> Or just single NAT?

No, I cannot confirm that those problems do not occur when the ipsec 
server is directly connected to the Internet, but I used a similar 
configuration on the host system without NAT device which worked 
trouble-free. Maybe it's because I've done something wrong with the 
integration of openswan in the virtual system.
Here is what I did:

- downloading and unpacking the Linux 2.4.31 kernel from www.kernel.org
- applying uml patch 2.4.27.1
- downloading and unpacking openswan 2.3.1
- applying NAT-Server patch to openswan from 
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html
- applying NAT-T patch with: make nattpatch | (cd 
/path/to/uml/kernel/source && patch -p1)
- applying KLIPS patch with: make KERNELSRC=/path/to/uml/kernel/source 
precheck verset kpatch
- configuring and compiling the user-mode-linux kernel with: make 
ARCH=um menuconfig  ....  and make ARCH=um linux
- copying kernel source and openswan source to the user-mode-linux fs image.
- in the running uml instance: make KERNELSRC=/path/to/uml/kernel/source 
programs install

If it is a problem related to the mtu value, what do I have to change to 
make it working?

With kind regards,
Lars Bakker






More information about the Users mailing list