[Openswan Users] Not able to establish L2TP Over IPSec tunnel
Janantha Marasinghe
janantha at techcert.lk
Wed Sep 17 06:15:13 EDT 2008
Can you see if IPSec modes are complete or not? FYI there are 2 modes.
After only this the L2TP kicks in. This you can find in the /var/log /secure
I think this problem is with the NAT-T but I don't know the solution. I
have a similar setup which I tried to get it working (without NAT-T) but
i'm experiencing a routing issue. Another thing I saw in your ipsec.conf
is that its not properly aligned (as viewed in notepad) You should
properly align the parameters.
PVG Ravi Kumar wrote:
>
> Hi
>
>
>
> I am using 2.4.13 openswan in Fedora 4 system
>
> I installed xl2tpd-1.1.12 in system
>
>
>
> From windows XP machine (Where I have option to set pre-shared key for
> authentication under security options tab), I trying to establish L2TP
> Over IPSec connection establishment.
>
>
>
> I added pre-shared key in ipsec.secrets
>
>
>
> Connection is established, but when I captured the packets, I can see
> only l2tp packets not esp packets.
>
>
>
> What I am assuming L2TP Over IPSec traffic is, an IP packet is
> encapsulated into l2tp packet and again encapsulated into esp packet.
> Please correct me know if my understanding is wrong.
>
>
>
> I am attaching my *ipsec.conf* , *xl2tpd.conf *and console capture of
> xl2tpd server during connection establishment (*xl2tpd.txt*) along
> with this mail
>
>
>
> Please let me know if I miss anything or if I did anything wrong
>
>
>
> Thanks in advance
>
> PVGRaviKumar
>
> DISCLAIMER: This message is proprietary to D-Link (India) Limited and
> is intended solely for the use of the individual to whom it is
> addressed. It may contain privileged or confidential information and
> should not be circulated or used for any purpose other than for what
> it is intended. If you have received this message in error, please
> notify the originator immediately. If you are not the intended
> recipient, you are notified that you are strictly prohibited from
> using, copying, altering, or disclosing the contents of this message.
> D-Link (India) Limited accepts no responsibility for loss or damage
> arising from the use of the information transmitted by this email
> including damage from virus.
> ------------------------------------------------------------------------
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
--
-----------------------------------------------------
Best Regards
Janantha Marasinghe
Systems Operations Officer
TechCERT | DarkLab
Incident Report Form : https://www.techcert.lk/report
Tel : 94 114216066 Internal : 3141/3142 Ext 75
www.techcert.lk
-------------- next part --------------
A non-text attachment was scrubbed...
Name: janantha.vcf
Type: text/x-vcard
Size: 371 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20080917/0da1721b/attachment.vcf
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 2437 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.openswan.org/pipermail/users/attachments/20080917/0da1721b/attachment.bin
More information about the Users
mailing list