[Openswan Users] ipsec/l2tp with nat traversal

Paul Wouters paul at xelerance.com
Wed Apr 26 20:33:18 CEST 2006


On Wed, 26 Apr 2006, Trevor Benson wrote:

> OK, after being informed of the ipsec verify I have connected with the
> certificate I was using without l2tp previously and successfully get
> IPSec SA Established
>
> Now after this I get MS generic garbage error of 678.  I have brought up
> multiple sessions to the gateway, and tail -f /var/log/secure, eth0,
> ipsec0, eth1, and ran l2tpd -D and watched the server.

Did you set a lower than 1500 mtu on your external interface on the l2tp
server? Did you set mtu/mru to 1200 in the l2tpd.conf? Which l2tpd are
you running?

Also check Jacco's page: http://www.jacco2.dds.nl/networking/win2000xp-freeswan.html#Error624

> What I see is that the secure log shows SA Established.  Next I see
> packets on the tcpdump for eth0 using port 4500.  During this the
> tcpdump of ipsec0 doesn't show any packets at all

So you see ESPinUDP packets, but no decrypted packets. Check if this is not an MTU
issue.

Paul
-- 
Building and integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

