[Swan] Windows 7/10 ipsec issues

John Crisp jcrisp at safeandsoundit.co.uk
Thu Oct 31 19:24:40 UTC 2019

On Thu, 31 Oct 2019 11:35:33 -0700
Computerisms Corporation <bob at computerisms.ca> wrote:

>  >> do your l2tp logs show the connection?
>  >>  
>  >
>  >Nope. It always fails on the ipsec connection.  
> hm, not sure that this is true; in the logs you posted, you do get a 
> IPsec SA established which, in my experience, means that the tunnel
> is successfully established.  However, it is immediately followed by :
> received Delete SA(0x1728294a) payload: deleting IPsec State

Yes I can see that but the l2tp never appears to fire.

Works fine on both Android and Mac and iOS as per my original logs.

Hence I am stuck... !

> which means something is telling it to un-establish, which might be a 
> failure to connect to the l2tp daemon, for example because your
> iptables rules are not correct or the roadwarrior has a firewall
> blocking it. might be something else too, I suppose.

Yup - I will try and check those carefully again.

This is a 'templated' system so if it works on one box it should work on
another, which it does for everything but Windows !

> The only l2tp unit I have that is still in production is using
> version 3.12 of libreswan and has 17/%any on both sides, so maybe you
> will need an older version.  fwiw, here is the config:

OK - thank you very much.

I'll keep poking about.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <https://lists.libreswan.org/pipermail/swan/attachments/20191031/632a5d94/attachment.sig>

More information about the Swan mailing list