[Openswan Users] (no subject)
Eugenio Vescovi
eugevesco at hotmail.com
Wed Sep 24 12:33:49 EDT 2008
Hi all, some news about my problem about Ipsec\L2tpd connection.First of all I realized my router filter all the ping-tries, and so that's the reason it fail.Then I established the L2tpd connection from my roadwarrior to the server, assigning to the client an IP address of the gateway's LAN, and
everything work.I mean, if i ping the virtual address of the warrior inside the lan from an host within the lan, my roadwarrior reply to the requests.Now, the real problem: I'm still not able to establish the L2tp connection OVER the IPsec tunnel.I mean: I can establish the host-to-host IPsec tunnel easily (this is what /etc/init.d/ipsec status told me), but after this
I'm not able to establish the L2tpd connection.
Whe I lunch the xl2tpd daemon on my roadwarrior, I can only see ESP packets to the server without any reply from this last one, and plus
no packets reach the server. It looks like the packets are not able to reach the server, and so they go missed.I tryed Linux and WinXP client, following Jacco's pages, but with no luck.The labs where I'm testing this thesis work is equipped with a block of public IP addresses, which is 141.250.40.0/24, and 141.250.40.51-141.250.40.52-141.250.40.56 are
the 3 free IP addressess of the LAN, a.b.c.51 and a.b.c.52 will be assigned to my roadwarriors.
Here are my conf files
l2tpd.conf
[global] listen-addr=141.250.40.34
[lns default]
ip range = 141.250.40.51 - 141.250.40.52 local ip = 141.250.40.56 length bit = yes require chap = yes refuse pap = yes require authentication = yes hostname = server_diei ; * Report this as our hostnameppp debug = yes ; * Turn on PPP debuggingpppoptfile= /etc/ppp/options.l2tpd.lns ; * ppp options file
ipsec.conf
config setupinterfaces=%defaultroutevirtual_private=%v4:192.168.0.0/16,%v4:10.1.0.0/16klipsdebug=noneplutodebug=none conn %defaultesp=3des-md5conn provaleft=141.250.40.34leftnexthop=141.250.40.30right=%anyrightsubnet=vhost:%no,%privpfs=norightprotoport=17/%anyleftprotoport=17/1701authby=secrettype=tunnelauto=start#Disable Opportunistic Encryptioninclude /etc/ipsec.d/examples/no_oe.confI do hope somebody can help me.Thank you all in advance.
_________________________________________________________________
Comunica, gioca e divertiti con i tuoi amici su Messenger!
http://www.messenger.it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20080924/c0cc6055/attachment.html
More information about the Users
mailing list