[Users] [PATCH] MSL2TP PAYLOAD MALFORMED workaround plus 2 .reg files

[ mail re-sent because didn't appear in ML ]

Hi Jacco

1st of all: thanks for your greAT tutorial abount setting up such a beast =)

Sometimes, apparently on client rekeying timer; MSL2TP sends malformed packets: they specify ISAKMP_NEXT_VID instead of ISAKMP_NEXT_NONE on last payload, thus triggering PAYLOAD MALFORMED responses and making pluto (correctly) ignore them.

Attached patch does workaround this situation by forcing ISAKMP_NEXT_NONE if space remaining == 0 (ie. the only choice); this patch gave me somewhat more reliability to reconnections from client.

Also, those two registry files setup PFS (as stated in your tutorial) _and_ IPCOMP, both succesfully tested.

Ken: lets see if other ppl success with this patch, so we inject into superfreeswan CVS

Regards

--Juanjo       freeswan algo: AES (+others), SHA2, MODP2048-4096 
               selectable algorithms support for Phase1 and 2.
	       
http://www.irrigacion.gov.ar/juanjo/ipsec/

#  Juan Jose Ciarlante (JuanJo PGP) jjo ;at; mendoza.gov.ar              #

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related lists.freeswan.org Links 1998-fall 1998-spring 1998-summer 1998-winter 1999-winter announce briefs bugs design freeswan-list hipsec ietf-sectest users users-admin Request more information about Pantek