[Openswan Users] win-xp (sp2) with nat-t not working with dsl

Paul Freeman paul.freeman at eml.com.au
Sun Nov 5 18:47:27 EST 2006 

Paul
What is broken in xl2tpd v1.1.05?

Regards

Paul

+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++
EML Consulting Services Pty Ltd Telephone: +61 3 9836 1999
417-431 Canterbury Road Facsimile: +61 3 9836 0517
SURREY HILLS, VICTORIA 3127 Email: Paul.Freeman at eml.com.au
+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++---+++

>-----Original Message-----
>From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
>Behalf Of Paul Wouters
>Sent: Monday, November 06, 2006 6:17 AM
>To: Gbenga
>Cc: users at openswan.org
>Subject: Re: [Openswan Users] win-xp (sp2) with nat-t not working with dsl
>
>On Sun, 5 Nov 2006, Gbenga wrote:
>
>> Apologies for coming back late on this, but it is still not working for
>me. I have changed all the options I think is that were suggested on the
>list without success. I've also upgraded to the latest xl2tpd (v1.1.05). no
>success yet.
>
>Note that the 1.1.05 release is broken. We will release 1.1.06 on monday.
>
>Paul
>
>> It was mentioned on somewhere by Jacco that he has never had luck using
>kernel 2.6 with l2tpd - rw, so I have configure a kernel version 2.4.33.3
>with all the necessary patches. I will report back on my adventure.
>
>We did not test NETKEY with xl2tpd.
>
>> One strange thing I noted in the auth.log is that: Nov  5 00:03:26 aparo
>pluto[16992]: "l2tp-syseng"[4] 194.125.79.166 #93: STATE_QUICK_R2: IPsec SA
>established {ESP=>0x43f2cdc5 <0x02450523 xfrm=3DES_0-HMAC_MD5
>NATD=194.125.79.166:17805 DPD=none}
>>
>> "NATD=194.125.79.166:17805" !!! this is point to port other than 4500.
>
>The source port is a random high port on OSX and unpatched Windows XP
>machines. You
>will have to use rightprotoport=17/%any, but that might not exactly work
>either (this
>is a known bug we're working on).
>
>Paul
>_______________________________________________
>Users at openswan.org
>http://lists.openswan.org/mailman/listinfo/users
>Building and Integrating Virtual Private Networks with Openswan:
>http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155

More information about the Users mailing list