[Openswan Users] l2tpd/ppp/openswan on redhat as 4

Christophe Ngo Van Duc cngovanduc at gmail.com
Wed Jan 25 11:42:37 CET 2006


Hi,

  I managed to make it work. I completely reinstalled a kernel 2.4.32 with
the NAT-T patch, KLIPS 2.4.5rc4, on a new server and it almost worked right
away.

  So finally I trashed the redhat AS 4 ... :)


On 1/20/06 12:47 AM, "Paul Wouters" <paul at xelerance.com> wrote:

> On Fri, 20 Jan 2006, Christophe Ngo Van Duc wrote:
> 
>>   I've been struggling with making work the following config for some
>> roadwarriors (winxp)
>>   openswan 2.4.5rc4
>>   l2tpd-0.69-12jdl.i386.rpm
>>   ppp-2.4.2-6.4.RHEL4
>>   kernel 2.6.9-5.ELsmp
> 
> If using netkey, 2.6.9 is really a bad old kernel. And if using klips, you
> should not use smp because it crashes klips :(
> 
>>  Jan 20 03:05:54 cedric pluto[830]: "L2TP-PSK"[6] x.x.x.x #12:
>> STATE_QUICK_R2: IPsec SA established {ESP=>0xa087e7fe <0x4a7ab458
>> xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}
> 
> Note that it says no nat is detected.
> 
>> connection "L2TP-PSK" instance with peer 82.238.30.8 {isakmp=#0/ipsec=#0}
>> Jan 20 03:06:29 cedric pluto[830]: packet from x.x.x.x:500: received and
>> ignored informational message
>> Jan 20 03:06:32 cedric pluto[830]: ERROR: asynchronous network error report
>> on eth1 (sport=500) for message to x.x.x.x port 500, complainant x.x.x.z: No
>> route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]
> 
> The router x.x.x.z is telling you that it cannot route to x.x.x.x. But x.x.x.x
> apparnetly did manage to send you a packet. You will need to fix that.
> 
> Paul




More information about the Users mailing list