[Openswan Users] Windows XP & L2TP issue, timeout
Gennady Kovalev
gik at bigur.ru
Tue Dec 15 05:07:00 EST 2009
FLOC'H Tanguy пишет:
> Hello,
>
> Did you set the "AssumeUDPEncapsulationContextOnSendRule" registry entry on Windows ?
>
Thank you for your response. I try change registry entry, but problem
did not resolved. Some ideas? Sombody can tell me, is my openswan
settings on server side correct for Windows clients?
Is log entry with "FRAGMENTATION" word is correct entry or i have MTU
problem? I'm not shure that i have mtu problem, becouse ipsec connection
setup correct.
> =========== configs =================
>
> ipsec.conf:
> config setup
> nat_traversal=yes
> oe=off
> protostack=netkey
>
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!10.1.25.0/24
>
> conn %default
> auto=add
>
> conn roadwarrior
> authby=rsasig
> pfs=no
> rekey=no
> ikelifetime=8h
> keylife=1h
> type=transport
> left=94.79.54.16
> #leftid=%fromcert
> leftrsasigkey=%cert
> leftcert=myserver.crt
> right=%any
> rightca=%same
> rightrsasigkey=%cert
> rightsubnet=vhost:%no,%priv
> leftprotoport=17/1701
> rightprotoport=17/1701
>
> xl2tpd.conf
> [lns default]
> ip range = 10.1.25.128-10.1.25.254
> local ip = 10.1.25.1
> require chap = yes
> refuse pap = yes
> require authentication = yes
> name = LinuxVPNserver
> ppp debug = yes
> pppoptfile = /etc/ppp/ppp-options.xl2tpd
> length bit = yes
>
> /etc/ppp/ppp-options.xl2tpd may be not imported now...
>
> =========== /configs =================
>
> packet from x.x.x.x:500: ignoring Vendor ID payload [FRAGMENTATION]
>
More information about the Users
mailing list