[Openswan Users] Openswan NAT Problems

Colin John Talbot colintalbot at cj-developments.co.uk
Mon Nov 9 04:45:03 EST 2009


Hello Paul,

Thanks for your email, I have downloaded the source for 2.6 and compiled
and installed with no problems.

However when trying to apply the klips patch on Ubuntu kernel 2.6.28 I
run into problems.

Is their an updated patch that works on 2.6.28?

Regards,
Colin.

On Wed, 2009-11-04 at 19:46 -0500, Paul Wouters wrote:
> On Wed, 4 Nov 2009, Colin John Talbot wrote:
> 
> > I'm running Openswan 2.4.12 on ubuntu and followed the setup guide at
> > http://www.natecarlson.com/linux/ipsec-l2tp.php which is running
> > perfectly.
> 
> > Nov  4 13:24:54 CJ-Filer pluto[7848]: "roadwarrior-l2tp-oldwin"[1]
> > 195.26.42.82 #2: STATE_QUICK_R2: IPsec SA established {ESP=>0x4062c9a1
> > <0x2f4704af xfrm=3DES_0-HMAC_MD5 NATD=195.26.42.82:42837 DPD=none}
> >
> > Nov  4 13:24:59 CJ-Filer pluto[7848]: ERROR: asynchronous network error
> > report on eth0 (sport=4500) for message to 195.26.42.82 port 42837,
> > complainant 86.28.177.52: No route to host [errno 113, origin ICMP type
> > 3 code 1 (not authenticated)]
> 
> It's a known bug.
> 
> Either grab _updown.netkey from openswan 2.6.x and replace your 2.4.12 "_updown",
> or try out 2.6.14rc1 which incorporates most fixes to make L2TP work with openswan
> 2.6. You might need to use 2.6.14rc2 which I will try to release tomorrow
> (or grab the git version)
> 
> Paul
> ps. I also posted the _updown script on the list a week or so ago.




More information about the Users mailing list