[Openswan Users] openswan + l2tpd + iptables problem

mechanix at debian.org
Wed Oct 4 11:41:48 EDT 2006


Hi all,

I'm having issues with a Windows XP Pro roadwarrior connecting to a
Linux 2.6 l2tp/openswan gateway.

When I start the connection on the roadwarrior, the SA is established
but then l2tpd never receives any packets - they hit the firewall
running on the openswan gateway, on the outside interface, and appear to
never have been encrypted:

in /var/log/auth.log:
Oct  4 22:55:30 scotos pluto[622]: "roadwarrior-l2tp"[4] RW.IP.ADDR.ESS #8: STATE_QUICK_R2: IPsec SA established {ESP=>0xfad55f45 <0x5544ebd3 xfrm=3DES_0-HMAC_MD5 NATD=none DPD=none}

right afterwards, in /var/log/kern.log:
Oct  4 22:55:30 scotos kernel: IN=eth1 OUT= MAC=00:15:c5:61:0a:de:00:90:d0:8e:75:c9:08:00 SRC=RW.IP.ADDR.ESS DST=GW.IP.ADDR.ESS LEN=139 TOS=0x00 PREC=0x00 TTL=102 ID=4703 PROTO=UDP SPT=1701 DPT=1701 LEN=119

a little while later, back in /var/log/auth.log:
Oct  4 22:55:52 scotos pluto[622]: "roadwarrior-l2tp"[3] RW.IP.ADDR.ESS #7: ERROR: asynchronous network error report on eth1 (sport=500) for message to RW.IP.ADDR.ESS port 500, complainant GW.IP.ADDR.ESS: No route to host [errno 113, origin ICMP type 3 code 1 (not authenticated)]

The same roadwarrior can connect fine to another gateway which is set up
nearly identically to the one which does not work. The two gateways also
successfully keep open a network to network tunnel between them.

Any ideas?


Thanks,

Filip

