<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40"><head><meta http-equiv=Content-Type content="text/html; charset=koi8-r"><meta name=Generator content="Microsoft Word 14 (filtered medium)"><!--[if !mso]><style>v\:* {behavior:url(#default#VML);}
o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);}
.shape {behavior:url(#default#VML);}
</style><![endif]--><style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
pre
{mso-style-priority:99;
mso-style-link:"Стандартный HTML Знак";
margin:0cm;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:"Courier New";}
p.MsoAcetate, li.MsoAcetate, div.MsoAcetate
{mso-style-priority:99;
mso-style-link:"Текст выноски Знак";
margin:0cm;
margin-bottom:.0001pt;
font-size:8.0pt;
font-family:"Tahoma","sans-serif";}
span.HTML
{mso-style-name:"Стандартный HTML Знак";
mso-style-priority:99;
mso-style-link:"Стандартный HTML";
font-family:"Consolas","serif";}
p.ecxmsonormal, li.ecxmsonormal, div.ecxmsonormal
{mso-style-name:ecxmsonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
p.ecxmsochpdefault, li.ecxmsochpdefault, div.ecxmsochpdefault
{mso-style-name:ecxmsochpdefault;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
span.ecxmsohyperlink
{mso-style-name:ecxmsohyperlink;}
span.ecxmsohyperlinkfollowed
{mso-style-name:ecxmsohyperlinkfollowed;}
span.ecxemailstyle17
{mso-style-name:ecxemailstyle17;}
span.ecxhtml
{mso-style-name:ecxhtml;}
p.ecxmsonormal1, li.ecxmsonormal1, div.ecxmsonormal1
{mso-style-name:ecxmsonormal1;
mso-margin-top-alt:auto;
margin-right:0cm;
margin-bottom:0cm;
margin-left:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
span.ecxmsohyperlink1
{mso-style-name:ecxmsohyperlink1;
color:blue;
text-decoration:underline;}
span.ecxmsohyperlinkfollowed1
{mso-style-name:ecxmsohyperlinkfollowed1;
color:purple;
text-decoration:underline;}
span.ecxemailstyle171
{mso-style-name:ecxemailstyle171;
font-family:"Calibri","sans-serif";
color:windowtext;}
span.ecxhtml1
{mso-style-name:ecxhtml1;
font-family:"Courier New";}
p.ecxmsochpdefault1, li.ecxmsochpdefault1, div.ecxmsochpdefault1
{mso-style-name:ecxmsochpdefault1;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Calibri","sans-serif";}
span.EmailStyle32
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
span.a
{mso-style-name:"Текст выноски Знак";
mso-style-priority:99;
mso-style-link:"Текст выноски";
font-family:"Tahoma","sans-serif";}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:2.0cm 42.5pt 2.0cm 3.0cm;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]--></head><body lang=RU link=blue vlink=purple><div class=WordSection1><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Options.xl2tpd: <a href="http://paste.org.ru/?iy2pfw">http://paste.org.ru/?iy2pfw</a><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Xl2tpd.conf: <a href="http://paste.org.ru/?fc57af">http://paste.org.ru/?fc57af</a><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>ipsec version: Linux strongSwan U4.6.4/K2.6.32-5-xen-amd64<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>I’m using chap v2.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Best regards,<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'>Artem Popov.<o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D'><o:p> </o:p></span></p><div><div style='border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0cm 0cm 0cm'><p class=MsoNormal><b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From:</span></b><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> John Mara [mailto:jaymara22@hotmail.com] <br><b>Sent:</b> Wednesday, July 11, 2012 3:59 AM<br><b>To:</b> web.tyoma@gmail.com; users@lists.strongswan.org<br><b>Subject:</b> RE: [strongSwan] Windows 7 client problem<o:p></o:p></span></p></div></div><p class=MsoNormal><o:p> </o:p></p><div><p class=MsoNormal style='margin-bottom:12.0pt'><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>Hi<br><br>Paste you options.xl2tpd conf here and also let me know whether you are using chap or chap v2<o:p></o:p></span></p><div class=MsoNormal align=center style='text-align:center'><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><hr size=2 width="100%" align=center></span></div><p class=MsoNormal style='margin-bottom:12.0pt'><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>From: </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><a href="mailto:web.tyoma@gmail.com"><span lang=EN-US>web.tyoma@gmail.com</span></a></span><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br>To: </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><a href="mailto:Users@lists.strongswan.org"><span lang=EN-US>Users@lists.strongswan.org</span></a></span><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br>Date: Wed, 11 Jul 2012 00:21:15 +0400<br>Subject: [strongSwan] Windows 7 client problem<o:p></o:p></span></p><div><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>Hi,</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>I’m trying to setup linux ipsec\l2tp server.</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>When Win7 client connects to server I have error in log:</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>vpn pluto[]: "doublenat"[4] IP:54189 #6: NAT-Traversal: received 2 NAT-OA. using first, ignoring others</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>vpn pluto[]: "doublenat"[4] IP:54189 #6: responding to Quick Mode</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>vpn pluto[]: "doublenat"[4] IP:54189 #5: ignoring informational payload, type INVALID_HASH_INFORMATION</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>vpn pluto[]: "doublenat"[4] IP:54189 #5: received Delete SA payload: deleting ISAKMP State #5</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>Same error appears with PSK and RSA auth.</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>Win7 client shows “error 789” immediately after Connect button pressed. </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>Server is behind the NAT, ports 4500, 500 and 1701 are forwarded. I’ve tried clients with public IP and behind NAT with same result.</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>Is it a bug #108, or I misconfigured something? Is there working example where client and server are both NATed?</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>My ipsec.conf: <a href="http://paste.org.ru/?p6y9js" target="_blank">http://paste.org.ru/?p6y9js</a></span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>Best regards,</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'>Artem Popov.</span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Courier New"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p><p class=MsoNormal><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><o:p></o:p></span></p></div><p class=MsoNormal><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><br></span><span lang=EN-US style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'>_______________________________________________ Users mailing list </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><a href="mailto:Users@lists.strongswan.org"><span lang=EN-US>Users@lists.strongswan.org</span></a></span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> </span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'><a href="https://lists.strongswan.org/mailman/listinfo/users"><span lang=EN-US>https://lists.strongswan.org/mailman/listinfo/users</span></a></span><span style='font-size:10.0pt;font-family:"Tahoma","sans-serif"'> <span lang=EN-US><o:p></o:p></span></span></p></div></div></body></html>