[Openswan Users] ipsec/l2tp problem
Toby Chamberlain
toby at webtechservices.com.au
Fri Aug 8 19:25:00 EDT 2008
Hi James,
I am having a similar problem to you - the l2tp is stopping at the SCCRQ
send and eventually timing out.... One thing I have noticed is the the
server is trying to send the l2tp in the clear, not down the IPSEC tunnel.
If you do a tcpdump like "tcpdump -vi eth<x> port 4500 or port l2f" what do
you see?
Toby
--------------------------------------------------
From: "james" <james at softroute.net>
Sent: Saturday, August 02, 2008 5:47 AM
To: <users at openswan.org>
Subject: [Openswan Users] ipsec/l2tp problem
> Hi,
>
>
>
> I would like to set up a Linux IPSec/L2TP VPN server with the following
> software:
>
>
>
> Fedora Core6 with 2.6.18
>
>
>
> Openswan 2.4.13
>
>
>
> xl2tpd-1.1.11
>
>
>
>
>
> The ipsec connection is fine, but at the l2tp connection procedure, when
> the
> client (behind a NAT server with public IP 74.13.213.134) send SCCRQ
> control
> message, the server side report error:
>
>
>
> packet from 74.13.213.134*:4500: recvfrom 74.13.213.134:4500 has no
> Non-ESP
> marker,
>
>
>
> Then the client time out:
>
> Connection 0 closed to 74.13.213.156, port 1701 (Timeout)
>
>
>
> It seems the server don't accept UDP ESP packet.
>
>
>
> Any solution?
>
>
>
> Thanks
>
>
>
>
>
> Best regards,
>
>
>
> James
>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
More information about the Users
mailing list