On 7/10/2014 8:41 AM, ray klassen wrote: > I have 30 odd permanent vpns running pure ipsec over KLIPS, the openswan > option erroneously called 2.4 kernel in the shorewall documentation. It > still works way better than NETKEY. Switching over to KLIPS from NETKEY > after using it for years solved innumerable problems with workstations > not staying connected to the samba 3.x domain. I only include this bit > of info here to avoid people replying to me with "switch over to NETKEY > and come out of the dark ages." It's not going to happen. > > But now I want to implement l2tp/ipsec and shorewall documentation > suffers as regards this configuration and any help would be appreciated. > Basically incoming lt2p traffic authenticates fine as regards ipsec, but > then there is nothing. dmesg reports martians on interface ipsec0 and > xl2tpd never processes the request.
Martians are almost always a routing issue rather than a Shorewall issue. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Open source business process management suite built on Java and Eclipse Turn processes into business applications with Bonita BPM Community Edition Quickly connect people, data, and systems into organized workflows Winner of BOSSIE, CODIE, OW2 and Gartner awards http://p.sf.net/sfu/Bonitasoft
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users