[Openswan Users] win-xp (sp2) with nat-t not working with dsl

Paul Wouters paul at xelerance.com
Sun Nov 5 14:17:23 EST 2006


On Sun, 5 Nov 2006, Gbenga wrote:

> Apologies for coming back late on this, but it is still not working for me. I have changed all the options that I think were suggested on the list, without success. I've also upgraded to the latest xl2tpd (v1.1.05). No success yet.

Note that the 1.1.05 release is broken. We will release 1.1.06 on Monday.

Paul

> It was mentioned somewhere by Jacco that he has never had luck using kernel 2.6 with l2tpd - rw, so I have configured a kernel version 2.4.33.3 with all the necessary patches. I will report back on my adventure.

We did not test NETKEY with xl2tpd.

> One strange thing I noted in the auth.log is that: Nov  5 00:03:26 aparo pluto[16992]: "l2tp-syseng"[4] 194.125.79.166 #93: STATE_QUICK_R2: IPsec SA established {ESP=>0x43f2cdc5 <0x02450523 xfrm=3DES_0-HMAC_MD5 NATD=194.125.79.166:17805 DPD=none}
>
> "NATD=194.125.79.166:17805" !!! This is pointing to a port other than 4500.

The source port is a random high port on OSX and unpatched Windows XP machines. You
will have to use rightprotoport=17/%any, but that might not exactly work either (this
is a known bug we're working on).

Paul