[Openswan Users] l2tp/ipsec problem

Jacco de Leeuw jacco2 at dds.nl
Wed Apr 5 14:04:47 CEST 2006


Norbert Wegener wrote:

>>> We get some userfeedback stating, that they can connect to an 
>>> openswan gateway via their dsl-router, when they use a cable.
>>> Their session to the same gateway does not come up, when they connect 
>>> wireless via the same dsl router to the same gaeway using the same 
>>> (xp,sp2) client.
> 
> The ipsec sa is established, but then nothing more happens. the l2tp 
> part does not start. So the problem is reduced to why that part does not 
> come up.

Where do those L2TP packets end up? Can you use a sniffer and check
out what is actually being sent through the IPsec tunnel? (May be
difficult to do without KLIPS). Do the L2TP packets arrive in
clear text on the Openswan server?

> It seems to happen with different models and the problem seems to appear 
> in Asia only.
> Maybe some low level communication parameters there are different from 
> the ones in Europe, I don't know.

Initially I thought of an MTU problem but that can't be it.
The wireless net has the same MTU as the wired net, right?
If you are happy to experiment anyway, what if you reduce the
MTU on your side?

Those Asian users did not another IPsec client previously which
disabled the automatic IPsec policy, did they?

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list