<P>Hello all –</P>
<P>Time to stop lurking and jump in on the action. I’ve successfully installed 2.1.1 with NAT-T support and can connect from the MS L2TP client. Ran into a few problems along the way though:<BR>
<BR>
- When I first tried to connect through NAT, I got “NAT-Traversal: Transport mode disabled due to security concerns”. Finally tracked this down to the USE_NAT_TRAVERSAL_TRANSPORT_MODE option in programs/pluto/Makefile which in turn passes I_KNOW_TRANSPORT_MODE_HAS_SECURITY_CONCERN_BUT_I_WANT_IT. The problem appears to be that Makefile.inc has “USE_NAT_TRAVERSAL_TRANSPORT?=true” - note the missing "_MODE" at the end. Added it on, recompiled, and all was well for me. Just checked CVS and it looks like this is now set to false by default but is still missing the little bit at the end there. <BR>
<BR>
- I was also trying to use the virtual_private directive as documented in Mathieu's patch. This had worked for me before with super freeswan but now if I try to use "virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.1.0/24", I get "3 bad entries in virtual_private - none loaded". If I only use one at a time, ie "virtual_private=%v4:10.0.0.0/8" it doesn't complain, but I can't seem to get any more than that. For now I've just setup separate entries with a rightsubnetwithin parameter for each private subnet. There's a probably a better way to do it but that's working for me at the moment.. anyone else run into this?<BR>
<BR>
I'm also having the pluto coredump problem with a CRL but it looks like that's already been discussed so I'll just do without a CRL for now. :) <BR>
<BR>
Think that's it! Let me know if you want additional info/complete configs/etc. Thanks.</P><BR>