[Openswan Users] Help with ipsec/l2tpd and nat on client and
server
Chris Picton
chrisp at tangent.co.za
Tue Jul 11 13:38:47 CEST 2006
On Mon, 2006-07-10 at 17:08 +0200, Chris Picton wrote:
> On Mon, 2006-07-10 at 16:45 +0200, Chris Picton wrote:
> > > > > Which l2tp daemon are you using?
> > > > l2tpd-0.69-8jdl
> > > > I know it is a bit old and unmaintained - a colleague is investigating a
> > > > better version for me.
> > >
> > > Please try xl2tpd, which is a maintained fork of l2tpd-0.69:
> > > http://www.xelerance.com/software/xl2tpd/
> >
> > I am busy building a rpm for this, so I can test it.
>
> And the new version works!
It appears I spoke without testing everything.
The connection has so far worked once (I think it worked, but I may have
tested the wrong connection), and I have been unable to repeat this.
Currently I am still getting the logs showing an apparent successful
ipsec connection, which immediately is re-initiated.
The logs are the same as my previous posts on the subject.
Anywhere else that I can look?
I get the following:
Jul 11 12:34:52 dovetail-fw pluto[32674]: "L2TP-PSK-nat"[2]
196.209.54.254 #198: STATE_QUICK_R2: IPsec SA established
{ESP=>0x69afba64 <0xf5460b85 xfrm=3DES_0-HMAC_MD5
NATD=196.209.54.254:4500 DPD=none}
Immediately followed by:
Jul 11 12:34:52 dovetail-fw pluto[32674]: packet from
196.209.54.254:500: ignoring Vendor ID payload [MS NT5 ISAKMPOAKLEY
00000004]
Jul 11 12:34:52 dovetail-fw pluto[32674]: packet from
196.209.54.254:500: ignoring Vendor ID payload [FRAGMENTATION]
Jul 11 12:34:52 dovetail-fw pluto[32674]: packet from
196.209.54.254:500: received Vendor ID payload
[draft-ietf-ipsec-nat-t-ike-02_n] method set to=106
Jul 11 12:34:52 dovetail-fw pluto[32674]: packet from
196.209.54.254:500: ignoring Vendor ID payload [Vid-Initial-Contact]
Jul 11 12:34:52 dovetail-fw pluto[32674]: "L2TP-PSK-nat"[2]
196.209.54.254 #199: responding to Main Mode from unknown peer
196.209.54.254
More information about the Users
mailing list