[Openswan Users] Openswan/xl2tpd issue with nated roadwarriors
Sebastian Gomez Velasco
blass_sgv at hotmail.com
Sat Jun 20 14:50:54 EDT 2009
Hi paul.
I'm gonna use openswan 2.4.14. I found this files in http://www.openswan.org/code/
openswan-2.4.x.kernel-2.6.23-natt.patch (SIG)
openswan-2.4.14.tar.gz (SIG)
Do I need to install openswan-2.4.x.kernel-2.6.23-natt.patch ?? If so, how??
> Date: Sat, 20 Jun 2009 14:11:32 -0400
> From: paul at xelerance.com
> To: blass_sgv at hotmail.com
> CC: users at openswan.org
> Subject: RE: [Openswan Users] Openswan/xl2tpd issue with nated roadwarriors
>
> On Sat, 20 Jun 2009, Sebastian Gomez Velasco wrote:
>
> > Hi Paul, thanks for the reply.
> >
> > About bug #1004, I'm not getting this error: "cannot respond to IPsec SA request because no connection is known for......."
> > like said in https://gsoc.xelerance.com/issues/1004
>
> That part was fixed, but the policies are still not entirely correct on openswan 2.6.x. Please use 2.4.14.
>
> > I tried with transport mode, but I got the same messages, except in /var/log/secure, where IPSec SA changed from "tunnel" to
> > "transport"
>
> That's how it is supposed to be.
>
> You can see the policy is wrong using "ip xfrm pol" and "ip xfrm state". You'll notice that port 1701 is no
> where to be found in the policy anymore on openswan 2.6.x.
>
> Paul
_________________________________________________________________
Explore the seven wonders of the world
http://search.msn.com/results.aspx?q=7+wonders+world&mkt=en-US&form=QBRE
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20090620/db7c1081/attachment.html
More information about the Users
mailing list