[Openswan Users] L2TP problem... I think
Andrew Tolboe
tolboe at reaction-eng.com
Mon Mar 3 15:50:32 EST 2008
Paul Wouters wrote:
> On Sun, 2 Mar 2008, Andrew Tolboe wrote:
>
>
>> Mar 2 14:18:34 firewall pluto[746]: "l2tp-X.509"[2] 155.97.239.238 #2:
>> STATE_QUICK_R2: IPsec SA established {ESP=>0x4313518b <0x8c64e023
>> xfrm=3DES_0-HMAC_MD5 NATD=155.97.239.238:4500 DPD=none}
>>
>
> Okay.
>
>
>> Mar 2 14:18:40 firewall pluto[746]: ERROR: asynchronous network error
>> report on br0 (sport=4500) for message to 155.97.239.238 port 4500,
>> complainant ***.***.103.174: No route to host [errno 113, origin ICMP
>> type 3 code 1 (not authenticated)]
>>
>
> Looks like you might be blocking udp 4500 packets.
>
>
>> Mar 2 14:19:01 firewall pluto[746]: "l2tp-X.509"[2] 155.97.239.238 #1:
>> received Delete SA(0x4313518b) payload: deleting IPSEC State #2
>>
>
> So the connection is torn down.
>
> Paul
>
I thought that "No route to host" would be a routing issue? When the
tunnel is not up, I can ping the client ip just fine, but once the
connection comes up I can't pint the client anymore (until the
connection comes down again).
Here are the routes that come up with the connection and the first one
looks like it might be a problem. But I don't know where its coming
from. These routes are gone when the connection comes down.
lre-east-2-238. * 255.255.255.255 UH 0 0 0 br0
192.168.0.248 * 255.255.255.255 UH 0 0 0
ppp0
ppp0 Link encap:Point-to-Point Protocol inet
addr:192.168.0.3 P-t-P:192.168.0.248 Mask:255.255.255.255
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1400 Metric:1
RX packets:35 errors:0 dropped:0 overruns:0 frame:0
TX packets:21 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:3 RX bytes:3526 (3.4 KiB) TX
bytes:853 (853.0 b)
Thanks
-Andrew T.
More information about the Users
mailing list