[Openswan Users] Windows 7 IKEv2 no reaction at all

Roland Plüss roland at rptd.ch
Tue Aug 9 16:10:36 EDT 2011 


On 08/09/2011 05:21 AM, Paul Wouters wrote:
> On Tue, 9 Aug 2011, Roland Plüss wrote:
>
>> machine. As an interesting side note using 2.4.x (stable under GenToo)
>> the packages did arrive at openswan but it logged a warning as IKEv2 is
>> not supported. Upgrading to 2.6.29 made the warning log message vanish
>> but as mentioned no reaction from openswan. This leads me to the
>> conclusion that openswan gets the packet but somehow totally ignores it.
>
> That is impossible. Openswan ALWAYS logs "Received packet from" before
> even
> processing whether it is an IKEv1 or IKEv2 packet.
Is there a way I can test this somehow? Or rather some kind of debug
option to activate tremendous debug output to see if they really do not
arrive at openswan? It's just that using tcpdump I see the packets
arrive at the server the same as with 2.4.x just that the reaction of
2.6.x is different. What doesn't add up to me is that I make the
following observations:

1) 2.4.x + Linux client: connection established
2) 2.4.x + W7 client: connection denied (no IKEv2 support, warning in logs)
3) 2.6.29 + Linux client: connection stablished
4) 2.6.29 + W7 client: no connection (nothing in logs)

In all these cases the following holds true:
a) the client is on the same laptop
b) the W7 firewall has the same configuration
c) the server has the same firewall (no changes, no restart)
d) openswan 2.4.x and 2.6.29 is listening on the same
interfaces/addresses/ports (same config except 2.6.29 related changes
compared to 2.4.x)

Using these observations I conclude the problem has to be located
somewhere in 2.6.29 . If so then there should be a way to figure it out.

-- 
Yours sincerely
Plüss Roland

Leader and Head Programmer
- Game: Epsylon ( http://www.indiedb.com/games/epsylon ,
http://epsylon.rptd.ch )
- Game Engine: Drag[en]gine ( http://www.indiedb.com/engines/dragengine
, http://dragengine.rptd.ch )
- Normal Map Generator: DENormGen ( http://epsylon.rptd.ch/denormgen.php
) and others

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20110809/7c0cd758/attachment.bin

More information about the Users mailing list