[Openswan Users] Is there known issues with nat-t and 2.4.1dr1?

Paul Wouters paul at xelerance.com
Fri Sep 23 08:45:28 CEST 2005


On Fri, 23 Sep 2005, Juha Pietikäinen wrote:

> Hi, I have FC1 server with Kernel 2.4.31.
>
> I just upgraded my Openswan from version 2.2.1 to 2.4.1dr1 with
> pfkey_v2.c v.1.102 from cvs. Nat-t and klips patches are installed.
>
> I can't get L2TP/IPsec connection with X.509 certificates working with nat-t 
> enabled
> (nat_traversal=yes).
>
> Both xp pro client and server have public IP's.
>
> Same configuration worked fine with os 2.2.1 and it's nat-t and klips patch.

There are reported bugs that nat-t might have a few bugs and that transport
mode might have a bug with path mtu. We are working on those.

> It seems that nothing will get to the pluto because there isn't any entries
> in secure log, however pluto is running.

That is strange though. Try adding plutodebug=all and see if anything gets
logged?

Paul
-- 

"Happiness is never grand"

 	--- Mustapha Mond, World Controller (Brave New World)


More information about the Users mailing list