[Openswan Users] Unable to connect to Openswan/L2TP from Sprint Wireless Broadband
Roberto C. Sánchez
roberto at connexer.com
Tue Mar 4 19:27:16 EST 2008
On Tue, Mar 04, 2008 at 06:35:13AM -0500, Paul Wouters wrote:
> On Mon, 3 Mar 2008, Roberto C. Sánchez wrote:
>
> > > right=%any
> > > rightprotoport=17/%any
> > > rightsubnet=vhost:%priv,%no
> > >
> > That was it exactly. In fact, the suggestion of adding forceencaps=yes
> > to the configuration solved the problem immediately. So, it looks like
> > there is no evil filtering by Sprint going on. Thanks so much for the
> > assistance.
>
> No, that means there IS filtering going on. Proto 50 filtering. with
> forceencaps, you will be sending UDP 4500 packets instead of proto 50 (ESP)
> packets.
>
Even though the connection from the laptop succeeds and all of its
packets reach the VPN server, yet the not all of the VPN server's
packets reach back to the laptop?
Is there a way I can tell just by examining traffic between the laptop
and the VPN server?
Regards,
-Roberto
--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20080304/fe370d4f/attachment.bin
More information about the Users
mailing list