Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: vpnc: devel

vpnc-nortel can establish connection but doesn't receive any traffic

  

 
vpnc devel RSS feed   Index | Next | Previous | View Threaded


dick at mrns

Sep 15, 2009, 12:07 PM

Post #1 of 12 (3013 views)
Permalink
vpnc-nortel can establish connection but doesn't receive any traffic
Hi all,

I've just compiled and installed vpnc from svn, everthing works except
that I don't receive any data from the tunnel.

- vpnc seems to start correct:
# vpnc
VPNC started in background (pid: 13967)...

- I've added a manual route and started pinging a address which should
be reachable by this VPN, but it don't get any replies, RX packets is
still 0:
# ip ro add 1.2.3.4/32 dev tun0
# ping 1.2.3.4/32 dev tun0 &
# tcpdump -ni tap0
tcpdump: WARNING: arptype 65534 not supported by libpcap - falling back
to cooked socket
tcpdump: verbose output suppressed, use -v or -vv for full protocol
decode
listening on tun0, link-type LINUX_SLL (Linux cooked), capture size 96
bytes
20:44:50.563888 IP 10.0.0.57 > 1.2.3.4: ICMP echo request, id 64308, seq
6, length 64
20:44:51.563873 IP 10.0.0.57 > 1.2.3.4: ICMP echo request, id 64308, seq
7, length 64
20:44:52.563843 IP 10.0.0.57 > 1.2.3.4: ICMP echo request, id 64308, seq
8, length 64
20:44:53.563833 IP 10.0.0.57 > 1.2.3.4: ICMP echo request, id 64308, seq
9, length 64
# ifconfig tun0
tun0 Link encap:UNSPEC HWaddr
00-00-00-00-00-00-00-00-00-00-00-00-00-00-00-00
inet addr:10.0.0.57 P-t-P:10.0.0.57 Mask:255.255.248.0
UP POINTOPOINT RUNNING NOARP MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:41 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:0 (0.0 b) TX bytes:5000 (4.8 KiB)

- When I look at the logging of vpnc I see data is transmitted

- I get ping replies using the Widnows Nortel client

Could someone please help me?

Thanks in advance,
Dick

_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


dick at mrns

Sep 21, 2009, 12:49 PM

Post #2 of 12 (2895 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
I still have the same error (can connect but I can't get any traffic through my
VPN, I've configured the routes correctly and when I change the credentials I
get a message about incorrect credentials.

$ vpnc --debug 2 --no-detach

vpnc version 0.5.3

S1 init_sockaddr
[2009-09-21 21:47:25]

S2 make_socket
[2009-09-21 21:47:25]

S3 setup_tunnel
[2009-09-21 21:47:25]
using interface tun0

S4 do_phase1_am
[2009-09-21 21:47:25]

S4.1 create_nonce
[2009-09-21 21:47:25]

S4.2 dh setup
[2009-09-21 21:47:25]

S4.3 AM packet_1
[2009-09-21 21:47:25]

S4.4 AM_packet2
[2009-09-21 21:47:25]
(unknown)
(DPD)
IKE SA selected psk-3des-sha1
peer is DPD capable (RFC3706)
NAT status: no NAT-T VID seen

S4.5 AM_packet3
[2009-09-21 21:47:25]

S4.6 cleanup
[2009-09-21 21:47:25]

S5 do_phase2_xauth [1]
[2009-09-21 21:47:25]

S5.1 xauth_request
[2009-09-21 21:47:25]

S5.2 notice_check
[2009-09-21 21:47:25]

S5.3 type-is-xauth check
[2009-09-21 21:47:25]

S5.4 xauth type check
[2009-09-21 21:47:25]

S5.5 do xauth reply
[2009-09-21 21:47:25]

S5.2 notice_check
[2009-09-21 21:47:25]

S5.3 type-is-xauth check
[2009-09-21 21:47:25]

S5.6 process xauth set
[2009-09-21 21:47:25]

S5.8 xauth done
[2009-09-21 21:47:25]

S6 do_phase2_config [1]
[2009-09-21 21:47:25]

S6.2 phase2_config receive modecfg
[2009-09-21 21:47:25]
unknown attribute 6 / 0x6
unknown attribute 16392 / 0x4008
unknown attribute 16395 / 0x400B
unknown attribute 16396 / 0x400C
unknown attribute 16398 / 0x400E
unknown attribute 16397 / 0x400D
unknown attribute 16403 / 0x4013
unknown attribute 16400 / 0x4010
got address 10.137.0.24

S6 do_phase2
[2009-09-21 21:47:25]

do_phase2: S7.5 QM_packet2 check reject offer
[2009-09-21 21:47:25]

do_phase2: S7.6 QM_packet2 check and process proposal
[2009-09-21 21:47:25]
got ipsec lifetime attributes: 28800 seconds
IPSEC SA selected 3des-md5

do_phase2: S7.1 QM_packet1
[2009-09-21 21:47:25]

do_phase2: S7.7 QM_packet3 sent - run script
[2009-09-21 21:47:25]

S7 setup_link (phase 2 + main_loop)
[2009-09-21 21:47:25]

S7.0 run interface setup script
[2009-09-21 21:47:25]

S7.8 setup ipsec tunnel
[2009-09-21 21:47:25]

S7.9 main loop (receive and transmit ipsec packets)
[2009-09-21 21:47:25]
remote -> local spi: 0xa5fe3fb6
local -> remote spi: 0x9304602
VPNC started in foreground...
lifetime status: 0 of 28800 seconds used, 0|0 of 0 kbytes used
got late ike packet: 84 bytes
got r-u-there ack
lifetime status: 5 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 5 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 5 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 5 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 5 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 6 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 7 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 7 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 7 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 7 of 28800 seconds used, 0|0 of 0 kbytes used
lifetime status: 7 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 8 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 8 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 8 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 8 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 8 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 9 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 9 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 9 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 9 of 28800 seconds used, 0|1 of 0 kbytes used
lifetime status: 9 of 28800 seconds used, 0|2 of 0 kbytes used


_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


dick at mrns

Sep 22, 2009, 12:31 PM

Post #3 of 12 (2882 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
I did some more debugging and I'm afraid ESP traffic is blocked at the
concentrator. I've tried --natt-mode cisco-udp and --natt-mode force-natt but
vpnc keep sending ESP packets (I found this by using tcpdump).

I'm using the following config:
IPSec gateway 1.2.3.4
IPSec ID 1234
IPSec secret 5678
IKE Authmode gpassword
Xauth username 9012.3456 [at] abc
Xauth password 7890
Vendor nortel

Could someone please tell me what I'm doing wrong?

Thanks in advance,
Dick

_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


borneo.antonio at gmail

Sep 22, 2009, 9:44 PM

Post #4 of 12 (2906 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
Hi,

since vpnc succeed in connecting, this means the concentrator is
configured to accept ESP.
Are you sure ESP is blocked at concentrator and not at your side
(provider, adsl modem, wireless router, firewall, ...)?
Do you have any possibility to test from another internet connection?
Could you try disabling iptables or whatever firewall you have?

Today all the natt options of vpnc are not working and ignored in the
Nortel case.

Best Regards
Antonio Borneo

On Wed, Sep 23, 2009 at 3:31 AM, Dick <dick [at] mrns> wrote:
> I did some more debugging and I'm afraid ESP traffic is blocked at the
> concentrator. I've tried --natt-mode cisco-udp and --natt-mode force-natt but
> vpnc keep sending ESP packets (I found this by using tcpdump).
>
> I'm using the following config:
> IPSec gateway 1.2.3.4
> IPSec ID 1234
> IPSec secret 5678
> IKE Authmode gpassword
> Xauth username 9012.3456 [at] abc
> Xauth password 7890
> Vendor nortel
>
> Could someone please tell me what I'm doing wrong?
>
> Thanks in advance,
> Dick
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel [at] unix-ag
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/
>
_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


dick at mrns

Sep 23, 2009, 2:05 AM

Post #5 of 12 (2883 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
Antonio,

Thank you very much for your reply! Can confirm ESP isn't firewalled at the vpnc
side, I've tried hping3 -H 50 -0 1.2.3.4 (from another host) and I can see
incoming ESP packets (by using tcpdump). My next try will be to connect by using
the Windows Nortel client from an un-nat-ed internet connection. I'm wondering
if that connection will fail or keep using UDP/NAT.
Would it be difficult to enable vpnc to use an UDP/NAT connection in the Nortel
case?

Thanks in advance,
Dick

_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


dick at mrns

Sep 26, 2009, 12:54 AM

Post #6 of 12 (2854 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
Hi all,

I've tried connecting using the Windows Nortel Client from an un-nat-ed Internet
connection but it keeps using (UDP) NAT Traversal. When I try to firewall all
UDP traffic except dport isakmp the connection is made but no ESP packets are
send. (Windows client tells me it is still using NAT Traversal and the
connection times out)

Would it be difficult to enable vpnc to use an UDP/NAT connection in the Nortel
case?

TIA,
Dick

_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


legege at legege

Nov 29, 2009, 7:44 PM

Post #7 of 12 (2268 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
I have a similar situation here. Packets are sent, but nothing is received.

My Internet connection is NATed.
--
Georges-Etienne Legendre, Eng.



On 2009-09-26, at 3:54 AM, Dick wrote:

> Hi all,
>
> I've tried connecting using the Windows Nortel Client from an un-nat-ed Internet
> connection but it keeps using (UDP) NAT Traversal. When I try to firewall all
> UDP traffic except dport isakmp the connection is made but no ESP packets are
> send. (Windows client tells me it is still using NAT Traversal and the
> connection times out)
>
> Would it be difficult to enable vpnc to use an UDP/NAT connection in the Nortel
> case?
>
> TIA,
> Dick
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel [at] unix-ag
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/


_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


legege at legege

Nov 29, 2009, 9:19 PM

Post #8 of 12 (2423 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
I've traced in/out packets on my router. Clearly, the VPN gateway is not responding when ESP is used. With the Windows Nortel Client, UDP packets are used. (See below for the trace)

Now, the question: How difficult is it to get vpnc-nortel working in NATed mode? Thanks!


--- Trace ---
10.100.100.10: My public IP
10.200.200.20: My VPN gateway

==== vpnc-nortel r414 on Linux ====

root [at] ddwr:~# tcpdump -n -i vlan1 | grep 10.200.200.20

00:02:00.854834 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 1 I agg
00:02:00.954368 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 1 R agg
00:02:01.172691 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 1 I agg[E]
00:02:01.194171 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R #6[E]
00:02:01.230531 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I #6[E]
00:02:03.231377 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I #6[E]
00:02:03.488041 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others ? inf[E]
00:02:03.499181 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R #6[E]
00:02:03.548139 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R #6[E]
00:02:03.630286 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I #6[E]
00:02:03.679085 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R oakley-quick[E]
00:02:04.108653 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I oakley-quick[E]
00:02:04.162987 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R oakley-quick[E]
00:02:04.362873 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I inf[E]
00:02:04.381353 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R inf[E]

These ESP packets are sent for a ping to an internal IP.
00:02:35.845094 IP 10.100.100.10 > 10.200.200.20: ESP(spi=0x6021d0fa,seq=0x1), length 132
00:02:36.862163 IP 10.100.100.10 > 10.200.200.20: ESP(spi=0x6021d0fa,seq=0x2), length 132
00:02:37.862601 IP 10.100.100.10 > 10.200.200.20: ESP(spi=0x6021d0fa,seq=0x3), length 132
00:02:38.864417 IP 10.100.100.10 > 10.200.200.20: ESP(spi=0x6021d0fa,seq=0x4), length 132
00:02:39.865646 IP 10.100.100.10 > 10.200.200.20: ESP(spi=0x6021d0fa,seq=0x5), length 132
...
00:02:44.902217 IP 10.100.100.10 > 10.200.200.20: ESP(spi=0x6021d0fa,seq=0xa), length 132

00:07:04.909075 IP 10.200.200.20.500 > 10.200.200.20.500: isakmp: phase 2/others I inf[E]
00:07:04.940858 IP 10.200.200.20.500 > 10.200.200.20.500: isakmp: phase 2/others R inf[E]


==== On Windows ====

root [at] ddwr:~# tcpdump -n -i vlan1 | grep 10.200.200.20

00:13:25.921621 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 1 I agg
00:13:26.021601 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 1 R agg
00:13:26.090461 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 1 I agg[E]
00:13:26.110404 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R #6[E]
00:13:26.114200 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I #6[E]
00:13:28.291430 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R #6[E]
00:13:28.311178 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R #6[E]
00:13:29.438547 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I #6[E]
00:13:29.487780 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R oakley-quick[E]
00:13:29.578506 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I oakley-quick[E]
00:13:29.632277 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R oakley-quick[E]
00:13:33.861443 IP 10.100.100.10.2041 > 10.200.200.20.10001: UDP, length 124
00:13:34.602744 IP 10.100.100.10.2041 > 10.200.200.20.10001: UDP, length 124
00:13:34.817048 IP 10.100.100.10.2041 > 10.200.200.20.10001: UDP, length 76
...
00:13:55.706720 IP 10.100.100.10.2041 > 10.200.200.20.10001: UDP, length 100
00:13:55.731153 IP 10.200.200.20.10001 > 10.100.100.10.2041: UDP, length 156
00:14:00.057760 IP 10.100.100.10.500 > 10.200.200.20.500: isakmp: phase 2/others I oakley-quick[E]
00:14:00.076620 IP 10.200.200.20.500 > 10.100.100.10.500: isakmp: phase 2/others R inf[E]


--
Georges-Etienne Legendre, Eng.



On 2009-11-29, at 10:44 PM, Georges-Etienne Legendre wrote:

> I have a similar situation here. Packets are sent, but nothing is received.
>
> My Internet connection is NATed.
> --
> Georges-Etienne Legendre, Eng.
>
>
>
> On 2009-09-26, at 3:54 AM, Dick wrote:
>
>> Hi all,
>>
>> I've tried connecting using the Windows Nortel Client from an un-nat-ed Internet
>> connection but it keeps using (UDP) NAT Traversal. When I try to firewall all
>> UDP traffic except dport isakmp the connection is made but no ESP packets are
>> send. (Windows client tells me it is still using NAT Traversal and the
>> connection times out)
>>
>> Would it be difficult to enable vpnc to use an UDP/NAT connection in the Nortel
>> case?
>>
>> TIA,
>> Dick
>>
>> _______________________________________________
>> vpnc-devel mailing list
>> vpnc-devel [at] unix-ag
>> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
>> http://www.unix-ag.uni-kl.de/~massar/vpnc/
>
>
> _______________________________________________
> vpnc-devel mailing list
> vpnc-devel [at] unix-ag
> https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
> http://www.unix-ag.uni-kl.de/~massar/vpnc/


_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


borneo.antonio at gmail

Nov 30, 2009, 2:38 AM

Post #9 of 12 (2276 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
On Mon, Nov 30, 2009 at 1:19 PM, Georges-Etienne Legendre
<legege [at] legege> wrote:
> I've traced in/out packets on my router. Clearly, the VPN gateway is not responding when ESP is used. With the Windows Nortel Client, UDP packets are used. (See below for the trace)
>
> Now, the question: How difficult is it to get vpnc-nortel working in NATed mode? Thanks!

Hello Georges-Etienne,
in SVN, from version r448, there is support for Nortel NATT mode.
Please read my comments in
http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2009-October/003293.html

Best Regards
Antonio Borneo
_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


legege at legege

Nov 30, 2009, 5:48 AM

Post #10 of 12 (2266 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
It finally works!

Thanks Antonio for all your work!
--
Georges-Etienne Legendre, Eng.



On 2009-11-30, at 5:38 AM, Antonio Borneo wrote:

> On Mon, Nov 30, 2009 at 1:19 PM, Georges-Etienne Legendre
> <legege [at] legege> wrote:
>> I've traced in/out packets on my router. Clearly, the VPN gateway is not responding when ESP is used. With the Windows Nortel Client, UDP packets are used. (See below for the trace)
>>
>> Now, the question: How difficult is it to get vpnc-nortel working in NATed mode? Thanks!
>
> Hello Georges-Etienne,
> in SVN, from version r448, there is support for Nortel NATT mode.
> Please read my comments in
> http://lists.unix-ag.uni-kl.de/pipermail/vpnc-devel/2009-October/003293.html
>
> Best Regards
> Antonio Borneo


_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


freek at macfreek

Nov 30, 2009, 6:34 AM

Post #11 of 12 (2264 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
Georges-Etienne Legendre wrote:

> It finally works!

I presume you used version r448 instead of r414. Did you still use the
patch for r414? Did that work?

I think it is beneficial for the community if we can make a patch so
that the latest svn version can compile for the Mac right away.

Regards,
Freek
_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/


legege at legege

Nov 30, 2009, 9:34 AM

Post #12 of 12 (2268 views)
Permalink
Re: vpnc-nortel can establish connection but doesn't receive any traffic [In reply to]
I've used r449, no patch required (no ESP/kernel ipsec).

The only additional step for your How-To is to install gnutls with MacPorts, and add this in the config file:
NAT Traversal Mode nortel-udp

That's it.
--
Georges-Etienne Legendre, Eng.



On 2009-11-30, at 9:34 AM, Freek Dijkstra wrote:

> Georges-Etienne Legendre wrote:
>
>> It finally works!
>
> I presume you used version r448 instead of r414. Did you still use the
> patch for r414? Did that work?
>
> I think it is beneficial for the community if we can make a patch so
> that the latest svn version can compile for the Mac right away.
>
> Regards,
> Freek


_______________________________________________
vpnc-devel mailing list
vpnc-devel [at] unix-ag
https://lists.unix-ag.uni-kl.de/mailman/listinfo/vpnc-devel
http://www.unix-ag.uni-kl.de/~massar/vpnc/

vpnc devel RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.