[Openswan Users] Fw: l2tp Linux client again..
Jacco de Leeuw
jacco2 at dds.nl
Mon Oct 1 04:22:27 EDT 2007
> On the iptables/firewall [nat device], I have the following rules that
> basically allow non-rfc 1918 through on proto 50, port 500 & 4500, then
> mark esp packet with dst 1701 and forward to vpn server.

The NAT device and the VPN server are separate boxes, right? Then you should
not need to mark those packets. You only need to forward UDP 500 and 4500,
not IP protocol 50, 51, UDP 1701 etc.

> tail -f /var/log/deamon.log on the vpn server shows this:
> Sep 23 21:16:52 laptop xl2tpd: Connecting to host 10.10.1.57, port 1701

Are you sure this is the server's log? And could you post your ipsec.conf
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl