[Openswan Users] win-xp (sp2) with nat-t not working with dsl
Paul Wouters
paul at xelerance.com
Thu Oct 26 18:41:18 EDT 2006
On Thu, 26 Oct 2006, Gbenga wrote:
> I wish someone who has been through this before will assist in my configuration. I have reduced my mtu gradually even upto 1000 without any luck. It is currently at 1472.
>
> Just in case I didn't explain well. I have openswan version 2.4.6 working with xl2tp-1.0.4 and ppp. If the client (win xp sp2) is on the internet address space they connect ok, but behind a gateway e.g dsl router from home, I can't connect. The IPSec SA established ok, just that ppp/x/l2tpd didn't pick up the call after that.
>
> Paul advised that it most likely a fragmentation issue but I am not getting a fragmentation error in the auth.log.
> my auth.log:
> Oct 26 00:51:21 aparo pluto[11330]: "l2tp-syseng"[4] 212.2.177.88 #352: STATE_QUICK_R2: IPsec SA established {ESP=>0x735d6531 <0xfbc91a78 xfrm=3DES_0-HMAC_MD5 NATD=212.2.177.88:12256 DPD=none}
>
> I also ran the l2pd in debug mode but nothing absolutely come up in it. On the list there are various people that claimed to have got it working for them but no mention of what they did to get it working!
Are you allowing udp port 4500 for NAT-T packets?
Paul
More information about the Users
mailing list