[Openswan Users] Cisco IP Redirect and L2TP
Lars Behrens
lars at hfk-bremen.de
Thu Dec 6 14:53:30 EST 2007
Hello, Nico,
finally, a good explanation, I guess - our cisco-admins told me that
ip redirect is used to define the best routing in case of a digest of
routes (kind of OSPF). actually, here are no other gateways i.e.
routers between the cisco and our OpenSwan-gateway. totaly strange: I
am managing another OpenSwan-gateway with L2TP-clients, there is "no
ip redirect" sat on a cisco and we have no problems at all. *but* we
sometimes experience problems with dial-up-clients when the packets
seem to be blocked by a firewall (where indeed no firewall *is*).
gateway-to-gateway-connections are *never* affected, even if they
are taken the same route where roadwarriors cant connect.
Could be a problem with the ciscos blocking l2tp-packets on the way
from the OpenSwan-gateway to the roadwarrior (or vice versa) - but why?
in this special case, we are now switching to OpenVPN. looks like it
works very well. and, maybe not at least because of some problems
with L2tp-connections, our boss will decide to switch to a Cisco ASA
with Cisco-clients on the roadwarriorsystems i the not so far future ...
anyway, thanx for the hints!
greetings
lars
More information about the Users
mailing list