[Openswan Users] Help with ipsec/l2tpd and nat on client and server

Paul Wouters paul at xelerance.com
Mon Jul 10 16:28:08 CEST 2006


On Mon, 10 Jul 2006, Chris Picton wrote:

> There are no disconnect messages.  Only when I press cancel on the
> client, or when the client times out and says the remote peer is
> unreachable.
>
> The logs go straight from
> STATE_QUICK_R2: IPsec SA established
> to 4 vendor ID lines, to
> responding to Main Mode from unknown peer
> again

There was a bug that was triggered with Windows where the client would
continuously try to set up an IPsec tunnel. This was fixed in later
versions, but I'm not sure exactly in which version.

What does your OAKLEY.LOG say?
Which l2tp daemon are you using?

> > > I am also seeing "udp_encap_rcv(): Unhandled UDP encap type: 1" in my

> They don't seem to be fatal, as I get them when using the non-natted
> connection as well.

It is not a good sign; it means the udp encapsulated packet apparently
did not contain an ESP packet, meaning something got mangled somehow.

Paul

