[Openswan Users] WG: Problems connecting to IPSec server

Martin Krellmann martin at krellmann.net
Sat Sep 22 12:16:36 EDT 2007


Oh yeah... of course ipsec.conf would be useful.
I'm using XP 64bit version, but also tested it with a Windows Server 2003 OS
and got the same results.

Debugging is set in ipsec.conf for analyzing the process, but I switched it
off now.

NAT is not involved in the test environment (i'm trying to connect on LAN to
the server), but later it'll be necessary because the server is behind a
firewall/router

Vpn-log.html contains the output of the windows diagnostic log for the vpn
connection attempt. Maybe this is useful, too.

Martin.


-----Ursprüngliche Nachricht-----
Von: Jacco de Leeuw [mailto:jacco2 at dds.nl]
Gesendet: Freitag, 21. September 2007 16:45
An: users at openswan.org
Betreff: Re: [Openswan Users] Problems connecting to IPSec server

Martin Krellmann wrote:

> I have problems establishing a connection to my Openswan IPSec server 
> (U2.4.9/K2.6.11.4-21.17-default; it runs on SuSE Linux 9.3) via the 
> Windowd XP (x64 SP2) VPN client.

Do you mean you use the x64 edition of Windows XP? Or do you use the regular
32-bit XP on an x64 CPU? I have not tested with the x64 edition, to be
honest, it wasn't that popular.

> Sep 21 18:11:21 vpngate pluto[7279]: "l2tp-cert-orgWIN2KXP" #3: next 
> payload type of ISAKMP Hash Payload has an unknown value: 91

Is NAT involved somewhere? NAT traversal is not enabled.
The "l2tp-cert-orgWIN2KXP" seems to indicate a non-updated client is
connecting. You didn't include your ipsec.conf, perhaps the output of 'ipsec
barf > output.txt' would be useful. But make sure you set debug to none in
ipsec.conf.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: barf-output.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20070922/c616440c/attachment-0001.txt 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ipsec.conf
Type: application/octet-stream
Size: 919 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20070922/c616440c/attachment-0001.obj 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20070922/c616440c/attachment-0001.htm 


More information about the Users mailing list