[Openswan Users] ipsec / l2tpd + iptables ?

Paul Wouters paul at xelerance.com
Mon Nov 27 15:27:57 EST 2006

On Mon, 27 Nov 2006, Reza ISSANY wrote:

> No, this is my config :

> # basic configuration
> config setup
>        interfaces="ipsec0=eth0"
>        nat_traversal=yes
>        virtual_private=%v4:!,%v4:
>        klipsdebug=none
>        plutodebug=all

disable that plutodebug line.

> conn %default
>        left=
> # Add connections here
> conn xp
>        keyingtries=1
>        compress=no
>        disablearrivalcheck=no
>        authby=rsasig
>        leftrsasigkey=%cert
>        rightrsasigkey=%cert
>        leftcert=integration.pem
>        leftprotoport=17/1701
>        leftnexthop=
>        right=%any
>        rightca=%same
>        rightprotoport=17/1701
>        rightsubnet=vhost:%no,%priv
>        pfs=no
>        auto=add
> #Disable Opportunistic Encryption
> include /etc/ipsec.d/examples/no_oe.conf

Ok, so you are trying to use l2tp. Check the logs. do you get an IPsec SA established?
If not, the IPsec part is not working.

If you do, the next step is to check the server for ppp interfaces. If you don't get one,
the L2TP part is not working.

If you do ge ta ppp interfaces, then check Windows to see if you got an interfaces there.
If you did. Try and ping the gateway. If that works, ping something else and tcpdump
the packets on the gateway to see if you have a routing/firewall issue.


More information about the Users mailing list