[vpnc-devel] Problem with UDP
Fabio Comolli
fabio.comolli at gmail.com
Thu Sep 17 18:05:38 CEST 2009
OK, I can confirm that the solution Joerg proposed works perfectly. So
it seems that I can finally dump cisco_ipsec.ko .
Joerg, care to explain why I needed to add force_natt and local_port 0
to have vpnc work with my DSL line? Can this mean that UDP 500 is
dropped from my provider?
[Just as reference, I dont' need those options to connect same laptop
- same VPN concentrators using PPP oper HDSPA]
I'm asking because there is an agreement between me and my provider to
have UDP 500 and UDP 4500 open for traffic both ways.
Thanks and regards,
Fabio
On Wed, Sep 16, 2009 at 9:57 AM, Fabio Comolli <fabio.comolli at gmail.com> wrote:
> Hi.
> Good news. This worked. I will test it some more in the next few days
> and report back.
> Many many thanks!!
>
> Regards,
> Fabio
>
> On Wed, Sep 16, 2009 at 3:04 AM, Joerg Mayer <jmvpnc at loplof.de> wrote:
>> Sorry, somehow missed your last post until now.
>>
>> On Tue, Aug 25, 2009 at 07:21:50PM +0200, Fabio Comolli wrote:
>>> If I add "Local Port 0" to my config I actually manage to connect.
>>> However, nothing works (i.e. I can't see anything on the other side of
>>> the tunnel - I can't ping hosts, see DNS, and so on).
>> ...
>>> S7.7 QM_packet3 sent
>>> [2009-08-25 19:15:29]
>>>
>>> S7.8 setup ipsec tunnel
>>> [2009-08-25 19:15:29]
>>>
>>> S7.9 main loop (receive and transmit ipsec packets)
>>> [2009-08-25 19:15:29]
>>> remote -> local spi: 0x4d7c9d13
>>> local -> remote spi: 0x114446fc
>>> VPNC started in background (pid: 1230)...
>>
>> Can you please try to combine force-natt and local-port 0 ?
>> If that doesn't help, I will need a packet capture with a program like
>> Wireshark of a successful connect with the cisco client.
>>
>> Thanks!
>> Joerg
>> --
>> Joerg Mayer <jmayer at loplof.de>
>> We are stuck with technology when what we really want is just stuff that
>> works. Some say that should read Microsoft instead of technology.
>> _______________________________________________
>> vpnc-devel mailing list
>> vpnc-devel at unix-ag.uni-kl.de
>> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
>> http://www.unix-ag.uni-kl.de/~massar/vpnc/
>>
>
More information about the vpnc-devel
mailing list