Jacco de Leeuw
jacco2 at dds.nl
Sun Jul 16 00:52:59 CEST 2006
Meron Lavie wrote:
> I have a Linux FC5 serving as a Gateway/Firewall/Openswan server, behind an
> ADSL (PPPoE ?) modem/router.
So the Openswan server is NATed, and the Windows 2003 Server (acting as
a client) is not.
> in the /var/log/secure log I see:
> 184.108.40.206 #1: Quick Mode I1 message is unacceptable because it uses a
There must be more in the logs but it has been cut off.
> EXTERNAL CLIENT:
> W2K3 Server/SP1
> Default MS IPSec client, configured for PSK.
This is a known problem. I don't know exactly what is going on:
* Windows Server 2003 used as a client connecting to Openswan server
behind NAT: Windows 2003 disconnects (SA dead / Delete SA) for
some reason? Even with "AssumeUDPEncapsulationContextOnSendRule"
set to 1.
I did not look into it much because I figured that not many people
would want to pay for a Windows 2003 Server licence and then use it
only as a client.
Could you try with a Windows XP or 2000 client on the external network?
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users