[Openswan Users] Unable to connect using Windows 7

Christopher Buckley chris at cjbuckley.net
Tue Apr 15 11:31:59 EDT 2014

Hi Daniel,

Just to provide a quick update: everything is now working perfectly. Thank you!

I changed
-A INPUT -p udp -m policy --dir in --pol ipsec -m udp --dport 1701 -j ACCEPT
to be
-A INPUT -p udp -m udp --dport 1701 -j ACCEPT

..and my external Win 7 client connected without issue.  I have then
put back the original rule, reloaded netfilter, attempting a new
connection and success!

Thanks again for your help.

All the best,

On 15 April 2014 11:26, Christopher Buckley <chris at cjbuckley.net> wrote:
> Hi Daniel,
>> tpcdump at the vpn host or on the win7 client?
> vpn host.
>> Which pluto loglevel are you using? You could try plutodebug=all
> Done. Will retry the connection soon and see what debug output I receive.
>> The vpn host is probably behind a firewall. Did you open udp ports 500
>> (IKE), 1701 (L2TP traffic) and 4500 (IPsec NAT-T)? If the Win7 client can
>> connect from the inside but not from the outside I guess the problem is
>> somewhere here... Port 4500 is important if the Win7 client is behind a home
>> router doing NAT.
> I currently have:
> -A INPUT -p udp -m policy --dir in --pol ipsec -m udp --dport 1701 -j ACCEPT
> -A INPUT -p udp -m udp --dport 500 -j ACCEPT
> -A INPUT -p udp -m udp --dport 4500 -j ACCEPT
> Thanks,
> Chris

Kind Regards,
Christopher J. Buckley

More information about the Users mailing list