[Openswan Users] Fw: l2tp Linux client again..

Jacco de Leeuw jacco2 at dds.nl
Mon Oct 1 04:22:27 EDT 2007

Gbenga wrote:

> On the iptables/firewall [nat device], I have the following rules that
> basically allow non-rfc 1918 through on proto 50, port 500 & 4500, then
> mark esp packet with dst 1701 and forward to vpn server.

The NAT device and the VPN server are separate boxes, right? Then you should
not need to mark those packets. You only need to forward UDP 500 and 4500,
not IP protocol 50, 51, UDP 1701 etc.

> tail -f /var/log/deamon.log on the vpn server shows this:
> Sep 23 21:16:52 laptop xl2tpd[6431]: Connecting to host, port 1701

Are you sure this is the server's log? And could you post your ipsec.conf
and l2tpd.conf?


Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
