[Openswan Users] openswan 2.4.14 + xl2tpd

Reza ISSANY issanyr at olympecti.fr
Wed Apr 22 05:10:23 EDT 2009 

Hi, 

Sorry for my bad english. 

Few weeks ago, I had a problem with the last openswan (2.6.21) and xl2tpd. 
Someone told me that this version has a bug with nat-t and advice me to use the 2.4.14 of openswan version. 

Bug at http://bugs.xelerance.com/view.php?id=1004 

I have just setup the 2.4.14, and I'm trying to use it with netkey, but it doesn't work. 

I'm trying with a Windows Vista and I have this log : 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #11: NAT-Traversal: received 2 NAT-OA. using first, ignoring others 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #11: responding to Quick Mode {msgid:04000000} 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #11: transition from state STATE_QUICK_R0 to state STATE_QUICK_R1 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #11: STATE_QUICK_R1: sent QR1, inbound IPsec SA installed, expecting QI2 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #11: transition from state STATE_QUICK_R1 to state STATE_QUICK_R2 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #11: STATE_QUICK_R2: IPsec SA established {ESP=>0xfe146102 <0xb12972e0 xfrm=AES_128-HMAC_SHA1 NATD=82.229.55.165:4500 DPD=none} 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #7: received Delete SA(0x76e0a5b3) payload: deleting IPSEC State #10 
Apr 22 10:58:16 integration pluto[9189]: "roadwarrior"[8] 82.229.55.165 #7: received and ignored informational message 

I can see that the tunnel is established, but nothing is logged by xl2tpd. 

How should I do to get working this ? 

Thanks for your helps. 

# Add connections here 
conn %default 
keyingtries=1 
compress=yes 
disablearrivalcheck=no 
authby=rsasig 
leftrsasigkey=%cert 
rightrsasigkey=%cert 

# sample VPN connections, see /etc/ipsec.d/examples/ 

conn roadwarrior 
pfs=no 
type=transport 
auto=add 
leftcert=vpn.olympecti.fr.pem 
left=192.168.1.116 
leftnexthop=192.168.1.1 
leftprotoport=17/%any 
right=%any 
rightprotoport=17/%any 


--- azer 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090422/e5f83db4/attachment.html

More information about the Users mailing list