[Openswan Users] L2TP/IPSec Windows XP Connected but no Traffic (Solved)

Peter McGill petermcgill at goco.net
Mon Nov 20 13:22:25 EST 2006 

On Mon, November 20, 2006 Peter McGill wrote:
> On Mon, Nov 20, 2006 Peter McGill wrote:
>> On Fri, Nov 17, 2006 Paul Wouters wrote:
>>> On Fri, 17 Nov 2006, Peter McGill wrote:
>>> 
>>>> I setup a L2TP/IPSec X.509 connection from my Windows XP Home laptop,
>>>> to my Linux 2.4.31 Openswan 2.4.6 xl2tpd 1.1.05 office server.
>>>>
>>>> When I ping the private ip of the office server from the laptop, with the connection
>>>> up, using tcpdump on the server, I can see the pings coming and going on the,
>>>> ppp0 interface, and the l2tp packets on the ipsec0 interface, and the esp packets
>>>> on the eth1 (my public) interface. So everything in the linux server appears to be
>>>> fine.
>>>>
>>>> The windows firewall is disabled, however I'm still not receiving any responses back.
>>>> So windows is obviously sending through the vpn ok, but not receiving properly.
>>>> Any suggestions? I'm stumped.
>>> 
>>> Do your ping tagets know about the l2tp IP address pool and how to reach it?
>>> 
>>> This is mostly a problem if your l2tp server is not the default gateway of
>>> your office lan that contains the l2tp IP range.
>> 
>> Yes this is the default gateway of the office lan, and there is routes for the other lans,
>> to route the remote address pool here to this gateway. Anyway's I'm pinging the
>> gateway/vpn directly on it's lan address, so those should not be an issue.
>> Also I have the linux firewall logging all dropped packets, and they're not there, so
>> it's not the linux firewall either.
> 
> FYI: I just did packet capture on the Windows XP machine using Ethereal, and the ping
> replies are returning to the Windows machine, however, they're not making it all the way
> through the networking system back to the ping program, any ideas?
> 
> I have installed a number of different IPSec clients in the past on this machine, perhaps
> one of them changed the IPSec stack to be incompatible with Windows L2TP/IPSec?

Uninstalled Shrew Soft VPN Client, problem solved.
I can ping, check e-mail, login to servers in other lans, everything works.

Peter

More information about the Users mailing list