Package: racoon
Version: 1:0.5.1-1

I use racoon in a mixed environment with both Linux and Windows XP/2000 clients. It seems that, when the Windows clients are using NAT-T, they send a "NAT Original Address" payload, which racoon doesn't understand. It prints "ignore the packet, received unexpecting [sic] payload type 131." messages and, true to its word, ignores the packets, which obviously means that negotiation fails.

This trivial patch causes racoon to silently ignore the NATOA_DRAFT payloads, which is sufficient to make things work for me.

Thanks

p.

--- clean/ipsec-tools-0.5.1/src/racoon/isakmp_quick.c 2005-03-02 20:00:43.000000000 +0000 +++ ipsec-tools-0.5.1/src/racoon/isakmp_quick.c 2005-05-08 10:58:21.000000000 +0100 @@ -980,6 +980,9 @@ isakmp_check_notify(pa->ptr, iph2->ph1); break; + case ISAKMP_NPTYPE_NATOA_DRAFT: + break; + default: plog(LLV_ERROR, LOCATION, iph2->ph1->remote, "ignore the packet, "
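
Review bot: the added `case ISAKMP_NPTYPE_NATOA_DRAFT:` falls straight through to `break;` with no comment and no log line, so the payload is discarded without leaving any trace, while the `default:` branch directly below it logs at LLV_ERROR. A one-line comment stating that the payload is deliberately ignored, plus a debug-level plog() call naming the payload type and `iph2->ph1->remote`, would keep the interoperability fix and still let an operator see that a peer sent it. The hunk also handles only the draft constant in this one switch at line 980: if another payload switch in isakmp_quick.c has the same `default:` rejection, or a peer sends NAT-OA under a different payload number, those packets would still be dropped, so both are worth checking before this is merged.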