[Openswan Users] OSX 10.4.5 maybe :)
Christophe Ngo
cngovanduc at gmail.com
Wed Feb 15 12:44:09 CET 2006
Hi,
I¹ve been connecting today as a roadwarrior with a 10.4.5 behind an DSL
router and NATed
What I¹ve found so far:
pluto[17507]: packet from x.x.x.x:500: received Vendor ID payload [RFC 3947]
method set to=109
pluto[17507]: packet from x.x.x.x:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike] method set to=110
pluto[17507]: packet from x.x.x.x:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02] meth=107, but already using method 110
pluto[17507]: packet from x.x.x.x:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] meth=106, but already using method 110
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: responding to Main Mode from
unknown peer 200.88.223.131
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: transition from state
STATE_MAIN_R0 to state STATE_MAIN_R1
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: STATE_MAIN_R1: sent MR1,
expecting MI2
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: ignoring Vendor ID payload
[KAME/racoon]
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: NAT-Traversal: Result using
RFC 3947 (NAT-Traversal): peer is NATed
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: transition from state
STATE_MAIN_R1 to state STATE_MAIN_R2
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: STATE_MAIN_R2: sent MR2,
expecting MI3
pluto[17507]: "L2TP-PSK-OLD"[45] x.x.x.x #108: Main mode peer ID is
ID_IPV4_ADDR: '10.0.0.3'
pluto[17507]: "L2TP-PSK-OLD"[46] x.x.x.x #108: deleting connection
"L2TP-PSK-OLD" instance with peer x.x.x.x {isakmp=#0/ipsec=#0}
pluto[17507]: "L2TP-PSK-OLD"[46] x.x.x.x #108: I did not send a certificate
because I do not have one.
pluto[17507]: "L2TP-PSK-OLD"[46] x.x.x.x #108: transition from state
STATE_MAIN_R2 to state STATE_MAIN_R3
pluto[17507]: | NAT-T: new mapping x.x.x.x:500/50339)
pluto[17507]: "L2TP-PSK-OLD"[46] x.x.x.x #108: STATE_MAIN_R3: sent MR3,
ISAKMP SA established {auth=OAKLEY_PRESHARED_KEY cipher=oakley_3des_cbc_192
prf=oakley_sha group=modp1024}
pluto[17507]: "L2TP-PSK-NAT"[8] x.x.x.x #109: responding to Quick Mode
{msgid:ecd87ac6}
pluto[17507]: "L2TP-PSK-NAT"[8] x.x.x.x #109: transition from state
STATE_QUICK_R0 to state STATE_QUICK_R1
pluto[17507]: "L2TP-PSK-NAT"[8] x.x.x.x #109: STATE_QUICK_R1: sent QR1,
inbound IPsec SA installed, expecting QI2
pluto[17507]: "L2TP-PSK-NAT"[8] x.x.x.x #109: transition from state
STATE_QUICK_R1 to state STATE_QUICK_R2
pluto[17507]: "L2TP-PSK-NAT"[8] x.x.x.x #109: STATE_QUICK_R2: IPsec SA
established {ESP=>0x06bddbec <0xfc9d43dd xfrm=AES_128-HMAC_SHA1 NATD=
x.x.x.x:50339 DPD=none}
The strange thing I¹ve noticed today is that the VPN connection seems to
drop when the DSL connection is used a lot by the other computer (the
10.0.0.2) which is not connected to the VPN
Let me know if I can help test something for you.
Cheers,
Christophe
On 2/15/06 12:04 PM, "Brett Curtis" <dashnu at gmail.com> wrote:
> Latest update Fix.. 10.4.5
>
> -VPN connections to Cisco servers when using NAT
>
> Hope they use the correct NAT-T now.. I will let you guys know.
>
> /me reboots
>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20060215/2b4e1670/attachment.htm
More information about the Users
mailing list