[Openswan Users] Creating Win XP vpn connection

peters at exemplar-associates.com peters at exemplar-associates.com
Tue Apr 25 17:58:18 CEST 2006

> The message on the client is  =22Error 792 The L2TP connection failed
> because security timed out=22.
> Previously I wasn't sure that packets were reaching the server but
> now I think they are. The problem seems to be the =22no suitable
> connection for peer=22 error. I am worried about the difference between
> S=3D and ST=3D

Doing more searching adn reading I found that the =22no suitable =
error is due to the ipsec.conf (shown below).

Earlier I had commented some parts to try to locate the problem.

Any suggestions ?


=23 /etc/ipsec.conf - Openswan IPsec configuration file
=23 RCSID =24Id: ipsec.conf.in,v 2005/07/26 12:28:39 ken Exp =24

=23 This file:  /usr/share/doc/openswan/ipsec.conf-sample
=23 Manual:     ipsec.conf.5

version=092.0=09=23 conforms to second version of ipsec.conf specification

=23 basic configuration
config setup
=09=23 plutodebug / klipsdebug =3D =22all=22, =22none=22 or a combation =
from below:
=09=23 =22raw crypt parsing emitting control klips pfkey natt x509 =
=09=23 eg:
=09=23 plutodebug=3D=22control parsing=22
=09=23 Only enable klipsdebug=3Dall if you are a developer
=09=23 NAT-TRAVERSAL support, see README.NAT-Traversal
=09=23 nat_traversal=3Dyes
=09=23 virtual_private=3D%v4:,%v4:,%4:

=23 Add connections here

=23 sample VPN connection
=23=09conn sample
=23=09=09=23 Left security gateway, subnet behind it, nexthop toward right.
=23=09=09=23 Right security gateway, subnet behind it, nexthop toward left.
=23=09=09=23 To authorize this connection, but not actually start it,=20
=23=09=09=23 at startup, uncomment this.
conn %default

=23conn roadwarrior-l2tp
=23conn roadwarrior-l2tp-updatedwin
=23=09rightprotoport=3D17/%any  =23=09rightprotoport=3D17/1701
=23conn roadwarrior-net

conn roadwarrior

conn block

conn private

conn private-or-clear

conn clear-or-private

conn clear

conn packetdefault

=23Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf

More information about the Users mailing list