[Openswan Users] L2TP OS X/Windows problem
Lawrence Manning
lawrence.manning at smoothwall.net
Fri Jan 15 10:37:14 EST 2010
Hi,
On 15 Jan 2010, at 15:16, Paul Wouters wrote:
> On Fri, 15 Jan 2010, Lawrence Manning wrote:
>
>> We've come into the old rightprotoport problem documented in a few
>> places. Basically if we change it too:
>>
>> rightportoport=1701/0
>>
>> The OS X client can connect, but the windows user cant. Apparently
>> this is fixed in openswan 2.4.10 but even with 2.4.15 we still errors
>> connecting with the windows client:
>
> Use rightportoport=1701/%any
>
> You might need to grab the _updown.netkey from openswan 2.6 and use
> that
> as _updown for 2.4.x. )or just upgrade to 2.6.24)
Now the ipsec stage completes but I get the following from xl2tpd:
xl2tpd[11856]: setsockopt recvref: Protocol not available
xl2tpd[11856]: This binary does not support kernel L2TP.
xl2tpd[11856]: xl2tpd version xl2tpd-1.1.12 started on
smoothwall.local PID:11856
xl2tpd[11856]: Written by Mark Spencer, Copyright (C) 1998, Adtran, Inc.
xl2tpd[11856]: Forked by Scott Balmos and David Stipp, (C) 2001
xl2tpd[11856]: Inherited by Jeff McAdams, (C) 2002
xl2tpd[11856]: Forked again by Xelerance (www.xelerance.com) (C) 2006
xl2tpd[11856]: Listening on IP address 0.0.0.0, port 1701
xl2tpd[11856]: control_finish: Peer requested tunnel 14 twice,
ignoring second one.
xl2tpd[11856]: control_finish: Peer requested tunnel 14 twice,
ignoring second one.
(etc)
I get no such problems if I use 17/1701 as rightprotoport - ipsec is
allowed through and xl2tpd fires up the pppd. This is all using a
Windows XP2 client.
We are still on KLIPS here. Any ideas what changes we need to make to
the _updown? Am really confused!
--
Lawrence Manning
Lead Developer
SmoothWall Ltd
1 John Charles Way
Leeds LS12 6QA
United Kingdom
1 800 959 3760 (USA, Canada and North America)
0870 1 999 500 (United Kingdom)
+44 870 1 999 500 (All other countries)
SmoothWall is registered in England: 4298247
This email and any attachments transmitted with it are confidential to
the intended recipient(s) and may not be communicated to any other
person or published by any means without the permission of SmoothWall
Limited. Any opinions stated in this message are solely those of the
author. See: http://smoothwall.net/company/email.php for the full
text of this notice.
More information about the Users
mailing list