[Openswan Users] linux box <> WinXP/SP2 problem (NAT-T, LTPD)
Paul Wouters
paul at xelerance.com
Fri Jan 13 17:05:09 CET 2006
On Fri, 13 Jan 2006, Radek Antoniuk wrote:
> I have made and signed both of the certificates, but openswan seems not to
> like the one presented by WinXP.
Seems you are using an old openswan version.
> And an additional question. What LTPD do you use? Cause the www.ltpd.org site
> is now down.
l2tpd from that site is in Fedora Extras, and a somewhat older version is in
Debian. Xelerance, which maintains the version in FE, also puts the source on
their web/ftp sites: ftp.openswan.org/xl2tpd/
> I have switched to rp-l2tp-0.4. Any other useful daemons? Does anybody have a
> working example with this daemon? (NAT-T is required)
l2tpd examples are included in openswan-2.4.x and are available on Jacco's pages,
though I'm not sure if he has updated his examples to the latest settings.
> And the last question. Is there any native method of authentication with One
> Time Passwords like PSKs? Or only by using some 'external' ideas like RADIUS
> or something?
There is no native method.
> Jan 12 03:21:34 fufu pluto[6533]: "l2tp-X.509"[4] 193.16.255.138 #16:
> transition from state STATE_MAIN_R1 to state STATE_MAIN_R2
> Jan 12 03:21:34 fufu pluto[6533]: "l2tp-X.509"[4] 193.16.255.138 #16:
> STATE_MAIN_R2: sent MR2, expecting MI3
> Jan 12 03:21:34 fufu pluto[6533]: "l2tp-X.509"[4] 193.16.255.138 #16: next
> payload type of ISAKMP Hash Payload has an unknown value: 239
> Jan 12 03:21:34 fufu pluto[6533]: "l2tp-X.509"[4] 193.16.255.138 #16:
> malformed payload in packet
Can you upgrade to 2.4.5rc3 ?
Paul
More information about the Users
mailing list