[Openswan Users] Error with road connection

Tue Sep 29 11:37:14 EDT 2009

Hi, this problem is present with this version:

kernel-2.6.27.5
openswan-2.6.22 (for KLIPS support)
openswan-2.4.x.kernel-2.6.23-natt.patch
openswan-2.6.22-old-natt-style.patch (from Giovani Moda)
openswan-2.4.15 (for userland)
xl2tp

..the same ipsec.conf but with this version:

kernel.2.6.18.1
openswan-2.4.9.kernel-2.6-natt.patch
openswan-2.4.9.kernel-2.6-klips.patch
openswan-2.4.9
xl2tp

I haven't problem.
Thanks.

------

   Salvatore.

----- Original Message ----- 
From: "Sasa" <sasa at shoponweb.it>
To: <users at openswan.org>
Sent: Friday, September 25, 2009 3:26 PM
Subject: [Openswan Users] Error with road connection

> Hi, when I try to vpn connection (from xp) I have this error:
>
> [root at fw ~]# tcpdump -i eth0 host 82.104.x.y
> 14:40:25.148881 IP 
> hosty-x-static.104-82-b.business.telecomitalia.it.isakmp
> > 85-18-z-zz.ip.fastwebnet.it.isakmp: isakmp: phase 1 I ident
> 14:40:25.259322 IP 85-18-z-zz.ip.fastwebnet.it >
> hosty-x-static.104-82-b.business.telecomitalia.it: ICMP
> 85-18-z-zz.ip.fastwebnet.it udp port isakmp unreachable, length 348
>
> My ipsec.conf is:
>
> config setup
>  interfaces="ipsec0=eth0"
>  virtual_private=%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.0.0.0/24
>  nat_traversal=yes
> conn %default
>      authby=rsasig
> conn left-road
>    auto=add
>    authby=secret
>    pfs=no
>    rekey=no
> #sede A uff left (locale)
>         left=85.18.z.zz
>      leftnexthop=85.18.z.zx
>      leftprotoport=17/1701
>  #right
>      right=%any
>      rightprotoport=17/1701
>      rightsubnet=vhost:%no,%priv
> include /etc/ipsec.d/examples/no_oe.conf
>
> Thanks.
>
> ------
>
>   Salvatore.
>
>
> _______________________________________________
> Users at openswan.org
> http://lists.openswan.org/mailman/listinfo/users
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
> 