Note: This archive passes through spamassassin. Every mail marked with the subject "*****SPAM*****" has exceed a certain threshold of spam-like behaviour.

Re: [Users] MS L2TP/IPSec VPN client configuration issue?

From: Jason A. Pattie (pattieja_at_pcxperience.com)
Date: Tue Jul 16 2002 - 21:51:30 CEST

Next message: Roland B: "[Users] ONLY AH , without ESP ?"
Previous message: Ken Bantoft: "Re: [Users] Why freeswan instead of cisco/nortel"
In reply to: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
Next in thread: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
Reply: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Sam Sgro wrote:

>-----BEGIN PGP SIGNED MESSAGE-----
>
>
>On Tue, 16 Jul 2002, Jason A. Pattie wrote:
>
>
>
>>I tried using the L2TP/IPSec VPN client from Microsoft on a VMware
>>session running Win98. However, when the client attempts to connect,
>>I'm getting the following from my FreeS/WAN logs:
>>
>>Jul 16 08:46:08 test810 Pluto[13334]: "test810-vmware-msl2tp" #1: sent
>>MR3, ISAKMP SA established
>>Jul 16 08:46:08 test810 Pluto[13334]: "test810-vmware-msl2tp" #1: peer
>>client ID payload ID_IPV4_ADDR specifies protocol 17; we only support 0
>>Jul 16 08:46:13 test810 Pluto[13334]: "test810-vmware-msl2tp" #1: Quick
>>Mode I1 message is unacceptable because it uses a previously used
>>Message ID 0x5ca8a66c (perhaps this is a duplicated packet)
>>
>>
>
>The error you are receiving has to do with L2TP; Windows wants to use L2TP to
>encapsulate the real encrypted traffic, which only uses UDP port 1701. We
>don't accept any restrictions on ports/protocols in Phase 2; FreeS/WAN
>will accept UDP/1701 traffic through the tunnel, but won't restrict its
>communications as the Windows box is requesting.
>
>Take a look at this link:
>
>http://lists.freeswan.org/pipermail/users/2002-January/006921.html
>
>Some additional information would help here: what version of FreeS/WAN are you
>using, and what are you trying to do, exactly? Are you trying to use L2TP, or
>are you aiming to do a simple IPSec connection between the two machines via
>X.509 certificates? If you are using the new MS released IPSec client, read
>this message if you haven't already:
>
Do I want to use L2TP? I'm currently just trying to get a connection
between the two machines established via PSK's. Next will be using
X.509 certificates ala OpenSSL. I hope to be able to also allow the
Windows client(s) to connect to the interal network that the security
gateway is part of. Is that possible using the L2TP/IPSec Windows
client? I didn't see any sort of "remote network" configuration items
in the Windows client.

>
>http://lists.freeswan.org/pipermail/users/2002-July/012250.html
>
>
>
Thanks for the links.

-- Jason A. Pattie pattieja_at_pcxperience.com

-- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

_______________________________________________ Users mailing list Users_at_lists.freeswan.org http://lists.freeswan.org/mailman/listinfo/users

Next message: Roland B: "[Users] ONLY AH , without ESP ?"
Previous message: Ken Bantoft: "Re: [Users] Why freeswan instead of cisco/nortel"
In reply to: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
Next in thread: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
Reply: Sam Sgro: "Re: [Users] MS L2TP/IPSec VPN client configuration issue?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:23 CEST