Network Configuration:
Client (Private IP) -> Wireless Router (NAT-DHCP) -> I-Net -> Router
(STATIC IP)
Client: Windows XP Pro, using built in VPN system
Server:
Linux Kernel Version: 2.6.19
Iptables Version: 1.3.5
Raccoon ipsec-tools Version: 0.6.6
- product linked OpenSSL 0.9.8d
l2tpd version 0.69
Using NetKey and raccoon is compiled with NAT-T Support.
Raccoon ipsec negotiations 1/2 both go ok. Keys are built using
correct IP addresses as per NAT-T and setkey -DP show correct keys.
tcpdump shows inbound l2tp packets from client over ESP link, however
return packets from l2tpd does not pass though ESP link
(Unencrypted).
Secondly (Which I think is my own stupidity), if I block UDP port 1701
packets on my inbound WAN connection the firewall will not allow them
over ESP or the NAT-T port.
I've read that the 2.6.x kernel is broken for this setup, however all
these posts were from 2004 era and no bug reports exist on kernel.org
or netfilter bugzillas.
Any Help/Direction?
Thanks,
Jay Kendall
|
Similar Threads
Linear Mode
