[Openswan Users] Windows 7 IKEv2 no reaction at all
Paul Wouters
paul at xelerance.com
Tue Aug 9 17:22:19 EDT 2011
On Tue, 9 Aug 2011, Roland Plüss wrote:
>> That is impossible. Openswan ALWAYS logs "Received packet from" before
>> even
>> processing whether it is an IKEv1 or IKEv2 packet.
> Is there a way I can test this somehow? Or rather some kind of debug
> option to activate tremendous debug output to see if they really do not
> arrive at openswan?
plutodebug=all logs everything and the kitchen sink. Please don't attach
such a log to the mailing list.
But also, your tcpdump -i ethX port 500 should show the Windows7 first packet....
> 2.6.x is different. What doesn't add up to me is that I make the
> following observations:
>
> 1) 2.4.x + Linux client: connection established
> 2) 2.4.x + W7 client: connection denied (no IKEv2 support, warning in logs)
> 3) 2.6.29 + Linux client: connection stablished
> 4) 2.6.29 + W7 client: no connection (nothing in logs)
>
> In all these cases the following holds true:
> a) the client is on the same laptop
> b) the W7 firewall has the same configuration
> c) the server has the same firewall (no changes, no restart)
> d) openswan 2.4.x and 2.6.29 is listening on the same
> interfaces/addresses/ports (same config except 2.6.29 related changes
> compared to 2.4.x)
>
> Using these observations I conclude the problem has to be located
> somewhere in 2.6.29 . If so then there should be a way to figure it out.
I'm afraid I'm expecting a Rule of Support #1 here.....
Paul
More information about the Users
mailing list