[Openswan Users] unencrypted l2tp packets

Paul Wouters paul at xelerance.com
Mon Aug 21 10:22:20 EDT 2006

On Mon, 21 Aug 2006, Brett Curtis wrote:

> AllI see now in tcpdump is the following after a successful "IPsec SA
> established":
> 09:58:34.770542 IP rrcs-24-39-31-52.nys.biz.rr.com.47650 >
> server.myhost.net.ipsec-nat-t: UDP-encap: ESP(spi=0x5a111da5,seq=0x4), length
> 140
> until ipsec deletes the connection.
> I am thinking this is a kernel or firewall issues because both have changed..

> My related firewall rules. Ipsec is running on the firewall :

try disabling all of these rules and see if it works. If not, then run ipsec
verify and check the various /proc settings. Perhaps fiddle with the
external mtu set to 1472 and/or the internal mtu set to 1300.

Building and integrating Virtual Private Networks with Openswan:

More information about the Users mailing list