[Openswan Users] [patch] bug 393: Aggressive mode doesn't work with NAT-T, rejects NAT-D payload
Martin Koller
koller at etm.at
Wed Feb 14 03:45:53 EST 2007
Hi,
I'm using openswan-2.4.7 on Linux/2.6.18 and try to connect from home to an
SonicWall server running on Windows in the company.
This worked up till the last upgrade on the company side.
Since then I get the following error when trying to establish the vpn
connection:
message ignored because it contains an unknown or unexpected payload type
(ISAKMP_NEXT_NAT-D) at the outermost level
I found the same error in the openswan bugtracking system at 393 (see
subject).
Checking the sources of openswan, I tried to solve this, and I succeeded with
the following simple patch.
As this is a long standing problem, I hope someone of the core developers can
check if the given solution is valid (note: I have no deep knowledge about
ipsec; I was simply trying something I thought might help ...)
If any developer needs my help in testing/reproducing the problem, please
contact me. I'm really interested in helping fixing that bug in the openswan
official version.
--
MfG, () ascii ribbon campaign - against html mail
Martin /\ - against microsoft attachments
Computers and Internet gave you freedom.
TCPA would TAKE your FREEDOM! http://www.againsttcpa.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ISAKMP_NEXT_NAT-D.patch
Type: text/x-diff
Size: 361 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20070214/5e5f0fdb/attachment.bin
More information about the Users
mailing list