[Openswan Users] xl2tpd not responding - why?

Troy Telford ttelford.groups at gmail.com
Tue Sep 7 18:37:21 EDT 2010

On 2010-09-07 14:53:45 -0600, Paul Wouters said:

> On Tue, 7 Sep 2010, Willie Gillespie wrote:
>> Not sure if it will make a difference, but I have an "ipsec saref = 
>> yes" in my xl2tpd.conf file.  That helps xl2tpd to work with NATted 
>> IPsec clients if I remember correctly.
> You MUST use an saref patched kernel if setting that option, or else 
> all your packets will fail.

If I read the documentation correctly, ipsec saref only works if you're 
using Openswan KLIPS.  I've been using NETKEY.

Part of me is wondering how much pain I'm inflicting on myself by using 
NETKEY... but I'm seeing the  "IPsec SA established transport mode" 
message, so I'm thinking that the IPsec portion is working properly...

Would switching from NETKEY to KLIPS have any real effect on the 
problems I've been seeing?
Troy Telford

More information about the Users mailing list