[Openswan Users] Help with ipsec/l2tpd and nat on client and server

Chris Picton chrisp at tangent.co.za
Mon Jul 10 17:12:17 CEST 2006


On Mon, 2006-07-10 at 15:28 +0200, Paul Wouters wrote:
> On Mon, 10 Jul 2006, Chris Picton wrote:
> 
> > There are no disconnect messages.  Only when I press cancel on the
> > client, or when the client times out and says the remote peer is
> > unreachable.
> >
> > The logs go straight from
> > STATE_QUICK_R2: IPsec SA established
> > to 4 vendor ID lines, to
> > responding to Main Mode from unknown peer
> > again
> 
> There was a bug that was triggered with Windows where the client would
> continuously try to set up an IPsec tunnel. This was fixed in later
> versions, but I'm not sure exactly in which version.

I am using 2.4.5, which appears to be the latest stable.

> 
> What does your OAKLEY.LOG say?
I don't have an oakley.log on the Linux or Windows machine.


> Which l2tp daemon are you using?
l2tpd-0.69-8jdl
I know it is a bit old and unmaintained - a colleague is investigating a
better version for me.



> 
> > > > I am also seeing "udp_encap_rcv(): Unhandled UDP encap type: 1" in my
> 
> > They don't seem to be fatal, as I get them when using the non-natted
> > connection as well.
> 
> It is not a good sign, it means the udp encapsulated packet apparently
> did not contain an ESP packet, meaning something got mangled somehow.
> 
> Paul


