[Openswan Users] L2TP/IPSec Windows XP Connected but no Traffic

[Peter McGill]

On Mon, Nov 20, 2006 Peter McGill wrote:
> On Fri, Nov 17, 2006 Paul Wouters wrote:
>> On Fri, 17 Nov 2006, Peter McGill wrote:
>> 
>>> I setup a L2TP/IPSec X.509 connection from my Windows XP Home laptop,
>>> to my Linux 2.4.31 Openswan 2.4.6 xl2tpd 1.1.05 office server.
>>>
>>> When I ping the private ip of the office server from the laptop, with the connection
>>> up, using tcpdump on the server, I can see the pings coming and going on the,
>>> ppp0 interface, and the l2tp packets on the ipsec0 interface, and the esp packets
>>> on the eth1 (my public) interface. So everything in the linux server appears to be
>>> fine.
>>>
>>> The windows firewall is disabled, however I'm still not receiving any responses back.
>>> So windows is obviously sending through the vpn ok, but not receiving properly.
>>> Any suggestions? I'm stumped.
>> 
>> Do your ping tagets know about the l2tp IP address pool and how to reach it?
>> 
>> This is mostly a problem if your l2tp server is not the default gateway of
>> your office lan that contains the l2tp IP range.
> 
> Yes this is the default gateway of the office lan, and there is routes for the other lans,
> to route the remote address pool here to this gateway. Anyway's I'm pinging the
> gateway/vpn directly on it's lan address, so those should not be an issue.
> Also I have the linux firewall logging all dropped packets, and they're not there, so
> it's not the linux firewall either.

FYI: I just did packet capture on the Windows XP machine using Ethereal, and the ping
replies are returning to the Windows machine, however, they're not making it all the way
through the networking system back to the ping program, any ideas?

I have installed a number of different IPSec clients in the past on this machine, perhaps
one of them changed the IPSec stack to be incompatible with Windows L2TP/IPSec?

Peter