[Openswan Users] xl2tpd not responding - why?
Troy Telford
ttelford.groups at gmail.com
Tue Sep 7 18:37:21 EDT 2010
On 2010-09-07 14:53:45 -0600, Paul Wouters said:
> On Tue, 7 Sep 2010, Willie Gillespie wrote:
>
>> Not sure if it will make a difference, but I have an "ipsec saref =
>> yes" in my xl2tpd.conf file. That helps xl2tpd to work with NATted
>> IPsec clients if I remember correctly.
>
> You MUST use an saref patched kernel if setting that option, or else
> all your packets will fail.
If I read the documentation correctly, ipsec saref only works if you're
using Openswan KLIPS. I've been using NETKEY.
Part of me is wondering how much pain I'm inflicting on myself by using
NETKEY... but I'm seeing the "IPsec SA established transport mode"
message, so I'm thinking that the IPsec portion is working properly...
Would switching from NETKEY to KLIPS have any real effect on the
problems I've been seeing?
--
Troy Telford
More information about the Users
mailing list