[Openswan Users] Ipsec Linux-L2TP Windows
Jarek Joachimiak
jaroslaw19 at gmail.com
Sun May 13 11:53:02 EDT 2012
Welcome,

I am configuring an IPsec tunnel with Openswan and l2tpd following the howto at:
http://www.natecarlson.com/2006/07/10/configuring-an-ipsec-tunnel-with-openswan-and-l2tpd.
But I have problems establishing the connection.

This is my ipsec.conf:
config setup
    nat_traversal=yes
    protostack=netkey
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
    interfaces=%none

conn dupa
    type=transport
    #authby=secret
    left=192.168.0.149
    leftid=%fromcert
    #leftrsasigkey=%cert
    leftcert=server.pem
    right=192.168.0.212
    rightid=%fromcert
    #rightrsasigkey=%cert
    rightcert=dupa1.pem
    rightca=%same
    #keyingtries=3
    #rekey=no
    #ikelifetime=8h
    #keylife=1h
    leftprotoport=17/1701
    rightprotoport=17/%any
    auto=add
    pfs=no

#xl2tpd.conf
[global]
port = 1701
auth file = /etc/l2tpd/l2tp-secrets

[lns default]
ip range = 192.168.0.1-192.168.0.250
local ip = 192.168.1.149
require chap = yes
refuse pap = yes
require authentication = yes
name = dupa ; * Report this as our
ppp debug = yes ; * Turn on PPP debugging
pppoptfile = /etc/ppp/options.l2tpd.lns ; * ppp options file

# /etc/ppp/options
ipcp-accept-local
ipcp-accept-remote
ms-dns 192.168.1.1
ms-dns 192.168.1.2
ms-wins 192.168.1.1
ms-wins 192.168.1.3
noccp
asyncmap 0
auth
crtscts
idle 1800
mtu 1200
mru 1200
nodefaultroute
debug
lock
proxyarp
connect-delay 5000
# ---<End of File>---

On the Windows machine I import the certificate with certimport from
ftp://ftp.openswan.org/openswan/windows/certimport/.
When I try to connect I see in Wireshark that phase 1 was successful,
but when phase 2 starts up I see "Destination unreachable (Port
unreachable)".

Thanks for your advice!