[Openswan Users] need some help with openswan / l2tpd
Reza ISSANY
issanyr at laposte.net
Wed Nov 22 04:39:08 EST 2006
My openswan is already patched with NAT :*
Nov 21 23:12:12 sd-5193 pluto[25688]: including NAT-Traversal patch
(Version 0.6c)*
Is someone could post me an exemple of a working l2tpd configuration
please ?
I think that my "ipsec.conf" is correctly configured. Thanks for your help.
>
> Peter McGill a écrit :
>> (Off list)
>>
>>> OK, i've tried your configuration without type=transport and the
>>> line "Transport mode disabled ..." disappears :
>>> But the connection still doesn't works.
>>
>> Sorry about that, Paul corrected me, but I guess you haven't seen
>> that yet.
>> You still need, type=transport, but you also need.
>>> That openswan was compiled without
>>> USE_NAT_TRAVERSAL_TRANSPORT_MODE?=true
>>> Edit in Makefile.inc and recompile.
>> See below for more detail.
>>
>> Peter
>>
>>> On Tue, 21 Nov 2006, Peter McGill wrote:
>>>
>>>> > I'd like to configure ipsec with an l2tpd authentication. I
>>>> already have a fonctionnal connection
>>>> > at my work (using the win xp pro sp2 vpn l2tp client).
>>>>
>>>> I have almost the same setup, although I don't have NAT-T enabled
>>>> on mine.
>>>> I just got mine working yesterday, so I'm no expert, but it works.
>>>>
>>>> > type=transport
>>>> I don't have this line in my conn, are you sure you need it.
>>>
>>> Yes you do on 2.4.7. It happened to work on older openswan's without it
>>> (and in fact on older ones you couldn't use it in combination with the
>>> nat-t rightsubnet= line.
>>>
>>>> The default is type=tunnel, which is what I'm using without the line.
>>>
>>> No, you're using transport mode, you just don't know it :)
>>>
>>>> > Nov 21 17:42:48 sd-5193 pluto[25394]: "roadwarriorxp"[4]
>>>> 82.236.77.42:11559 #4: NAT-Traversal: Transport mode disabled due to
>>>> > security concerns
>>>
>>> That openswan was compiled without
>>> USE_NAT_TRAVERSAL_TRANSPORT_MODE?=true
>>> Edit in Makefile.inc and recompile.
>>>
>>> Paul
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20061122/683c6783/attachment.html
More information about the Users
mailing list