[Openswan Users] XL2TPD/Double NAT issue

Paul Wouters paul at xelerance.com
Wed Oct 10 12:02:47 EDT 2007

On Wed, 10 Oct 2007, Gerald Vogt wrote:

> > Then you have very likely misconfigured L2TP, either on the server or the client.
> O.K. I did not set the AssumeUDPEncapsulationContextOnSendRule registry
> key on the Windows computer. That's why windows established one ipsec sa
> after another. I have set the value to 2 and now I have the same results
> on mac and windows:
> I get a successful connection to the server behind a nat router as long
> as the client is not also behind another nat router. When the client is
> behind a nat router as well, i.e. I have double nat, it does not work
> anymore.

> Could this be an MTU issue? It is kind of weird that xl2tpd gets a
> read-ready in select() on a socket but the next recv reports it would
> still block. Or is this a kernel issue?

It could be. Did you try setting the ethX mtu to  1472?

Did you also ensure the firewal was off, just in case?


More information about the Users mailing list