[Openswan Users] L2TP setup - shouldn't this be ESP?

Radek Antoniuk r.antoniuk at pixel.com.pl
Mon Jun 19 11:46:03 CEST 2006


Hi,

I have setup a succesful X509 conn at last. Now setting up L2TP, but hmmm...
Have a question.
After establishing IPSec tunnel between the RW and the GATEKEEPER, i see 
  packets destined to the L2TP/1701 port.
Shouldn't it be ESP? Because IMHO in this case this is not secure enough...

100.100.100.100 is my RW address
100.100.100.100 is the GATEKEEPER

10:40:01.290434 IP (tos 0x0, ttl 127, id 301, offset 0, flags [none], 
proto: UDP (17), length: 128) 100.100.100.100.1701 > 
200.200.200.200.1701:  l2tp:[TLS](0/0)Ns=0,Nr=0 *MSGTYPE(SCCRQ) 
*PROTO_VER(1.0) *FRAMING_CAP(S) *BEARER_CAP() |...



-- 
Best regards,
Radek Antoniuk


More information about the Users mailing list