[Openswan Users] Openswan/xl2tpd issue with nated roadwarriors
Paul Wouters
paul at xelerance.com
Sat Jun 20 14:11:32 EDT 2009
On Sat, 20 Jun 2009, Sebastian Gomez Velasco wrote:
> Hi Paul, thanks for the reply.
>
> About bug #1004, I'm not getting this error: "cannot respond to IPsec SA request because no connection is known for......."
> like said in https://gsoc.xelerance.com/issues/1004
That part was fixed, but the policies are still not entirely correct on openswan 2.6.x. Please use 2.4.14.
> I tried with transport mode, but I got the same messages, except in /var/log/secure, where IPSec SA changed from "tunnel" to
> "transport"
That's how it is supposed to be.
You can see the policy is wrong using "ip xfrm pol" and "ip xfrm state". You'll notice that port 1701 is no
where to be found in the policy anymore on openswan 2.6.x.
Paul
More information about the Users
mailing list