The product that I am working on CANNOT connect to
Windows 98 with L2TP/IPSec when a NAT is present.
However, it CAN connect to Windows XP with L2TP/IPSec
when Windows is behind a NAT. The IETF draft for NAT-T,
version 2, is used by both sides.
The IPSec SAs are established, and I see ESP packets
transmitted by the 98 side, and ESP responses from my
product. The SPIs are correct. The packets are properly
translated by the NAT. I confirmed this with a packet
analyzer.
The 98 side is retransmitting its first packet as if it
does not like the response that it gets.
Is there any L2TP logging that I can enable on 98? The
PPP log doesn't show anything because it hasn't finished
L2TP yet. The IPSec log shows that SAs have been
negotiated and loaded.
My product does not set the commit bit unless the peer
sets the commit bit. I bring this up because the Windows
server sets the commit bit, and therefore 98 waits for a
connected notification.
Brendan