[Openswan Users] l2tpd/ppp/openswan on redhat as 4
Christophe Ngo Van Duc
cngovanduc at gmail.com
Wed Jan 25 11:42:37 CET 2006
Hi,
I managed to make it work. I completely reinstalled a kernel 2.4.32 with
the NAT-T patch, KLIPS 2.4.5rc4, on a new server and it almost worked right
away.
So finally I trashed the redhat AS 4 ... :)
On 1/20/06 12:47 AM, "Paul Wouters" <paul at xelerance.com> wrote:
> On Fri, 20 Jan 2006, Christophe Ngo Van Duc wrote:
>
>> I've been struggling with making work the following config for some
>> roadwarriors (winxp)
>> openswan 2.4.5rc4
>> l2tpd-0.69-12jdl.i386.rpm
>> ppp-2.4.2-6.4.RHEL4
>> kernel 2.6.9-5.ELsmp
>
> If using netkey, 2.6.9 is really a bad old kernel. And if using klips, you
> should not use smp because it crashes klips :(
>
>> Jan 20 03:05:54 cedric pluto[830]: "L2TP-PSK"[6] x.x.x.x #12:
>> STATE_QUICK_R2: IPsec SA established {ESP=>0xa087e7fe <0x4a7ab458
>> xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}
>
> Note that it says no nat is detected.
>
>> connection "L2TP-PSK" instance with peer 82.238.30.8 {isakmp=#0/ipsec=#0}
>> Jan 20 03:06:29 cedric pluto[830]: packet from x.x.x.x:500: received and
>> ignored informational message
>> Jan 20 03:06:32 cedric pluto[830]: ERROR: asynchronous network error report
>> on eth1 (sport=500) for message to x.x.x.x port 500, complainant x.x.x.z: No
>> route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]
>
> The router x.x.x.z is telling you that it cannot route to x.x.x.x. But x.x.x.x
> apparnetly did manage to send you a packet. You will need to fix that.
>
> Paul
More information about the Users
mailing list