[Openswan Users] ipsec / l2tpd + iptables ?
Paul Wouters
paul at xelerance.com
Mon Nov 27 15:27:57 EST 2006
On Mon, 27 Nov 2006, Reza ISSANY wrote:
> No, this is my config :
> # basic configuration
> config setup
>     interfaces="ipsec0=eth0"
>     nat_traversal=yes
>     virtual_private=%v4:!172.16.7.0/16,%v4:192.168.7.0/24
>     klipsdebug=none
>     plutodebug=all
Disable that plutodebug line.
> conn %default
>     left=88.191.35.181
>
> # Add connections here
> conn xp
>     keyingtries=1
>     compress=no
>     disablearrivalcheck=no
>     authby=rsasig
>     leftrsasigkey=%cert
>     rightrsasigkey=%cert
>     leftcert=integration.pem
>     leftprotoport=17/1701
>     leftnexthop=88.191.35.1
>     right=%any
>     rightca=%same
>     rightprotoport=17/1701
>     rightsubnet=vhost:%no,%priv
>     pfs=no
>     auto=add
>
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf
Ok, so you are trying to use l2tp. Check the logs. Do you get an IPsec SA established?
If not, the IPsec part is not working.
If you do, the next step is to check the server for ppp interfaces. If you don't get one,
the L2TP part is not working.
If you do get a ppp interface, then check Windows to see if you got an interface there.
If you did, try and ping the gateway. If that works, ping something else and tcpdump
the packets on the gateway to see if you have a routing/firewall issue.
Paul
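
Added example, not part of the original message or of Openswan: a shell sketch of the layer-by-layer check described in the reply above, run over saved text so it also works on collected evidence. The function names, the sample log lines and the sample `ip -o link show` output are constructed for illustration, and where pluto logs on a given system is an assumption left to the caller.

```shell
#!/bin/sh
# Staged triage for an L2TP/IPsec gateway: IPsec first, then L2TP/ppp,
# then client side and routing/firewall. Inputs are plain text.

# Constructed sample pluto log lines (addresses from documentation ranges).
SAMPLE_LOG='Nov 27 15:20:01 gw pluto[2011]: "xp"[1] 192.0.2.10 #1: STATE_MAIN_R3: sent MR3, ISAKMP SA established
Nov 27 15:20:02 gw pluto[2011]: "xp"[1] 192.0.2.10 #2: STATE_QUICK_R2: IPsec SA established'

# Constructed sample of `ip -o link show` output on the gateway.
SAMPLE_LINKS='1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast
5: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1400 qdisc pfifo_fast'

# ipsec_sa_up CONN LOGTEXT
# Succeeds only if the named conn logged a phase 2 "IPsec SA established".
# A phase 1 "ISAKMP SA established" line alone does not count.
ipsec_sa_up() {
    printf '%s\n' "$2" | grep -F -e "\"$1\"" | grep -q 'IPsec SA established'
}

# ppp_up LINKTEXT
# Succeeds if any pppN interface appears in the interface listing.
ppp_up() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]+: ppp[0-9]+:'
}

# triage CONN LOGTEXT LINKTEXT
# Prints the first layer that fails: ipsec, l2tp, or client-or-routing
# (server side looks fine; continue with the Windows interface check,
# ping, and tcpdump on the gateway).
triage() {
    if ! ipsec_sa_up "$1" "$2"; then echo ipsec; return; fi
    if ! ppp_up "$3"; then echo l2tp; return; fi
    echo client-or-routing
}

# Live use on the gateway (the log path is an assumption, adjust it):
#   triage xp "$(grep pluto /var/log/secure)" "$(ip -o link show)"
```
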