[Openswan Users] Cisco and Win2003 fixes in Openswan 2.4.10
Jacco de Leeuw
jacco2 at dds.nl
Sun Feb 24 16:48:43 EST 2008
>From the Openswan 2.4.10 changelog:
#449: 17/%any is a template conn problem [mcr]
#802: Error: "our client ID returned doesn't match my proposal" [mcr/paul]
These fix problems with Cisco and Windows Server 2003 based L2TP/IPsec
servers. Couple of questions:
- I see that the bug relating to the Cisco problem is closed, but has
anyone confirmed that by actually connecting to one?
- When connecting to a Cisco server, the following is logged:
"Allowing bad L2TP/IPsec proposal (see bug #849) anyway".
I suppose this refers to bug #449 as well? Bug #849 is not
listed in the changelog.
- Windows Server 2003 and ISA Server 2006 also send bad L2TP/IPsec
proposals: they are confused about subnets in the negotiation.
However, unlike the Cisco fix, the workaround in Openswan 2.4.10 is
not enabled by default. You have to define ALLOW_MICROSOFT_BAD_PROPOSAL
to enable the workaround. Are there any cons in enabling it? Or is it
a matter of waiting for Microsoft to fix their stuff?
- Is there anyone who tried connecting to Windows Server 2008?
I don't suppose Microsoft has fixed the problem mentioned above?
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users