[Openswan Users] l2tp/ipsec - ipsec ok, but no connection
Adam Zientek
adam.zientek at hot.pl
Sat Aug 12 12:48:49 EDT 2006
Hi Brian!
> 1. Have l2tp set up to listen on an internal interface on your remote
> network, and be set up to use chap user/password and hand out an IP
> address.
I set up l2tpd to listen on my server's public IP 81.168.163.SS; netstat
confirms that.
> 2. Add an iptables rule in the prerouting section similar to this:
>
> Chain PREROUTING (policy ACCEPT 3555K packets, 244M bytes)
> pkts bytes target prot opt in out source
> destination u
> 27 3595 DNAT udp -- ipsec0 * 0.0.0.0/0
> 0.0.0.0/0 udp spt:1701 dpt:1701 to:192.168.0.1
>
> This way l2tp packets coming in on ipsec0 get prerouted over to the
> internal interface, which is where the l2tpd should be listening.
OK, but I use the NETKEY ipsec stack, so I don't have ipsec0. AFAIK, in my
case all ipsec traffic comes from eth0, where l2tpd listens on udp 1701.
--
Adam Zientek