[Openswan Users] Linux IPsec client
Jacco de Leeuw
jacco2 at dds.nl
Tue Sep 26 16:38:48 EDT 2006
Xunhua Wang wrote:
> Sep 26 14:32:27 localhost pluto[3418]: packet from 68.235.168.219:500:
> ignoring unknown Vendor ID payload [4f456e4d43757f784f704063]
> Sep 26 14:32:27 localhost pluto[3418]: packet from 68.235.168.219:500:
> received Vendor ID payload [Dead Peer Detection]
No NAT-Traversal vendor IDs? There's also no NAT-T negotiation result.
> 134.126.20.79[C=US, ST=Virginia, L=Harrisonburg, O=JMU, OU=CS, CN=IPsec VPN
> Server 02]:17/1701...68.235.168.219[C=US, ST=Virginia, L=Harrisonburg,
> O=JMU, OU=CS, CN=Steve Wang]:17/1701===192.168.1.3/32
But the client appears to be behind so you need NAT-T.
The server's ipsec.conf has all the lines for NAT-T support but are you
sure that this ipsec.conf has actually been loaded?
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list