[Openswan Users] Prb with xl2tpd
Christophe Ngo Van Duc
cngovanduc at gmail.com
Wed Aug 29 08:52:06 EDT 2007
Dear Tomasz & all,
This did solve my problem, I am still wondering why I need to put this
explicit parameter.
The default route gateway point to the same gateway I now use in
leftnexthop.
Many thanks for the help,
Christophe.
_____
From: users-bounces at openswan.org [mailto:users-bounces at openswan.org] On
Behalf Of Tomasz Grzelak
Sent: mardi 28 août 2007 02:30
To: users at openswan.org
Subject: Re: [Openswan Users] Prb with xl2tpd
2007/8/28, Christophe Ngo Van Duc <cngovanduc at gmail.com>:
Dear all,
I am encountering a problem with a roadwarrior setup with netkey
(ipsec/l2tpd/ppp/radius)
I can establish the IPSec SA, then I use the mangling rule to forward to
l2tp:
$IPT -t mangle -A PREROUTING -p esp -j MARK --set-mark 1
$IPT -t nat -A PREROUTING -m mark --mark 1 -p udp --dport 1701 -j DNAT
--to internal-ip
I am getting the following error on l2tpd side:
xl2tpd[11438]: control_finish: Peer requested tunnel 15 twice, ignoring
second one.
xl2tpd[11438]: control_finish: Peer requested tunnel 15 twice, ignoring
second one.
xl2tpd[11438]: Maximum retries exceeded for tunnel 14572. Closing.
A tcpdump also show me that no ESP traffic is sent back to the
roadwarrior.
hello,
it looks like incoming traffic is arriving, but can't be send back.
first idea - do you have leftnexthop/rightnexthop set in your ipsec.conf to
your default gateway to Internet?
If not, try to set it up.
Regards,
Tomasz Grzelak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070829/44cc4dba/attachment-0001.html
More information about the Users
mailing list