[Openswan Users] ipsec/l2tpd up but Terminal server Does not work
Potato Chip
jc-openswan at jline.com
Thu Jun 8 13:21:07 CEST 2006
I have been dealing with a similar problem for the past month. The only
difference is my ipsec tunnel is connected between 2 openswan endpoints,
both running linux v2.6.16. Also, I am only having the problem
connecting via remote desktop with a windows 2003 server, which happens
to be an active directory DC for my network. Typically, a reboot fixes
the problem, until a few days later when the problem reappears. Remoting
to other windows servers is fine.
Needless to say, this has been a vexing problem for me. Several months
of testing discovered no problems at all with the transition. Only after
starting the migration into a production environment did the problems
become apparent.
I am still testing at this point, but for me, it appears to be a MTU
problem with windows 2003. win2003 blatantly seems to ignore ICMP3
packets. I could find no effective means of setting an MTU on the
win2003 machine. It continues to send length 1400+ byte packets, even
though I have set registry settings to set the MTU to 1200 bytes.
I followed the advice on this msft support page. I just set every
registry setting.
http://support.microsoft.com/kb/314825/en-us
Thus far, I have not seen the problem reappear. However, I am still
testing, when I get time, to figure out *exactly* what the problem was.
Good luck and let me know what you find,
Jae
-----Original Message-----
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of Federico
Sent: Thursday, June 08, 2006 12:13 AM
To: users at openswan.org
Subject: [Openswan Users] ipsec/l2tpd up but Terminal server Does not
work
Hello,
I’m having a strange problem:
Ipsec/l2tpd vpn start corretctly and I can ping in both sides, I can
connect for example in a ssh to my servers on the LAN
But when I try to do a Windows Terminal Service (WTS) connection in a
server on the LAN, It doesn't work. Using tcpdump I can see (encrypted)
packets go back and forth from VPN server to PC....(I can see also the
decrypted packet going in and out from eth1 (lan).. WTS packet also...
as everything was ok... So it seems that the windows clients doesn't
work.... but only for wts packets...
I already try to modify the mtu size on options.l2tpd, eht3 (VPN), eth1
(LAN) but....
I use the same l2tpd (0.70)and ipsec (2.2.0.8) version of another vpn
server (kernel 2.6.8) where everything works fine.... The only
difference with this is the linux kernel: 2.6.16 Could you help me?
Thank you in advance
=============================================
Federico Viel
Multibel srl
Via Marisiga, 111
32100 Belluno
Italy
E-Mail: fviel at comune.belluno.it
Direct:+39 (0437) 25768
FAX: +39 (0437) 958854
Cell:+39 393 9752460 =============================================
_______________________________________________
Users at openswan.org http://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with Openswan:
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n(3155
More information about the Users
mailing list