[Openswan Users] Unable to connect to Openswan/L2TP from Sprint Wireless Broadband

Roberto C. Sánchez roberto at connexer.com
Tue Mar 4 19:27:16 EST 2008

On Tue, Mar 04, 2008 at 06:35:13AM -0500, Paul Wouters wrote:
> On Mon, 3 Mar 2008, Roberto C. Sánchez wrote:
> > >   right=%any
> > >   rightprotoport=17/%any
> > >   rightsubnet=vhost:%priv,%no
> > >
> > That was it exactly.  In fact, the suggestion of adding forceencaps=yes
> > to the configuration solved the problem immediately.  So, it looks like
> > there is no evil filtering by Sprint going on.  Thanks so much for the
> > assistance.
> No, that means there IS filtering going on. Proto 50 filtering. with
> forceencaps, you will be sending UDP 4500 packets instead of proto 50 (ESP)
> packets.
Even though the connection from the laptop succeeds and all of its
packets reach the VPN server, yet the not all of the VPN server's
packets reach back to the laptop?

Is there a way I can tell just by examining traffic between the laptop
and the VPN server?



Roberto C. Sánchez
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20080304/fe370d4f/attachment.bin 

More information about the Users mailing list