<br><font size=2 face="sans-serif">I fixed the first problem, where the network
connection was going "Resource Unavailable".</font>
<br>
<br><font size=2 face="sans-serif">Could someone tell me whether these config
files are going to work for an L2TP/IPsec setup for my roadwarriors on
dynamic IPs? I would appreciate any help. I am using Openswan 2.3.0.</font>
<br>
<br><font size=2 face="sans-serif">Thanks</font>
<br>
<!-- Listing 1: the poster's /etc/ipsec.conf for Openswan 2.3.0, pasted one config line per <br>. Review notes are HTML comments; the config text itself is unchanged. -->
<br><font size=2 face="sans-serif">##### IPsec.conf #######</font>
<br>
<br><font size=1 face="Courier New"># /etc/ipsec.conf - Openswan IPsec
configuration file</font>
<br><font size=1 face="Courier New"># RCSID $Id: ipsec.conf.in,v 1.13 2004/03/24
04:14:39 ken Exp $</font>
<br><font size=1 face="Courier New"># This file: /usr/share/doc/openswan/ipsec.conf-sample</font>
<br><font size=1 face="Courier New">#</font>
<br><font size=1 face="Courier New"># Manual: ipsec.conf.5</font>
<br>
<br><font size=1 face="Courier New">version 2.0
# conforms to second version of ipsec.conf
specification</font>
<br>
<br><font size=1 face="Courier New"># sample VPN connection</font>
<br>
<!-- Global section: binds ipsec0 to eth1 and enables NAT traversal. -->
<br><font size=1 face="Courier New">config setup</font>
<br><font size=1 face="Courier New"> forwardcontrol=yes</font>
<br><font size=1 face="Courier New"> interfaces="ipsec0=eth1"</font>
<br><font size=1 face="Courier New"> nat_traversal=yes</font>
<!-- virtual_private lists the RFC 1918 ranges that the %priv keyword in rightsubnet refers to, and excludes 192.168.10.0/24, the leftsubnet of roadwarrior-net below, so a client cannot claim an address on the protected LAN. -->
<br><font size=1 face="Courier New"> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192.168.10.0/24</font>
<br>
<!-- Defaults applied to every conn below: RSA signature authentication, with both sides' public keys taken from certificates (%cert). -->
<!-- NOTE(review): no rightid or rightca appears in any conn, and right=%any is used throughout, so presumably any peer whose certificate chains to a CA this gateway trusts is accepted. Confirm that the trusted CA set is limited to the roadwarrior CA. -->
<br><font size=1 face="Courier New">conn %default</font>
<br><font size=1 face="Courier New"> authby=rsasig</font>
<br><font size=1 face="Courier New"> compress=yes</font>
<br><font size=1 face="Courier New"> disablearrivalcheck=no</font>
<br><font size=1 face="Courier New"> keyingtries=1</font>
<br><font size=1 face="Courier New"> leftrsasigkey=%cert</font>
<br><font size=1 face="Courier New"> rightrsasigkey=%cert</font>
<br>
<!-- Plain IPsec roadwarrior access limited to the 192.168.10.0/24 LAN; the remaining settings come from conn roadwarrior via also=. -->
<br><font size=1 face="Courier New">conn roadwarrior-net</font>
<br><font size=1 face="Courier New"> leftsubnet=192.168.10.0/255.255.255.0</font>
<br><font size=1 face="Courier New"> also=roadwarrior</font>
<br>
<!-- NOTE(review): leftsubnet=0.0.0.0/0 offers every destination through the gateway, so a client using this conn would send all of its traffic into the tunnel. Confirm that full tunnelling is intended. -->
<br><font size=1 face="Courier New">conn roadwarrior-all</font>
<br><font size=1 face="Courier New"> leftsubnet=0.0.0.0/0</font>
<br><font size=1 face="Courier New"> also=roadwarrior</font>
<br>
<!-- Shared base for the two conns above; auto=add loads it and waits for the client to initiate. -->
<br><font size=1 face="Courier New">conn roadwarrior</font>
<br><font size=1 face="Courier New"> left=%defaultroute</font>
<!-- NOTE(review): this leftcert is chpas-linuxvpn.mydomain.pem, while both L2TP conns below use chpas-linuxvpn.mydomain.com.pem. One of the two names is probably a typo; check which file actually exists. -->
<br><font size=1 face="Courier New"> leftcert=chpas-linuxvpn.mydomain.pem</font>
<br><font size=1 face="Courier New"> right=%any</font>
<!-- vhost:%no,%priv accepts a client that is not behind NAT (%no) or one whose inner address falls inside virtual_private (%priv). -->
<br><font size=1 face="Courier New"> rightsubnet=vhost:%no,%priv</font>
<br><font size=1 face="Courier New"> auto=add</font>
<br><font size=1 face="Courier New"> pfs=yes</font>
<br>
<!-- L2TP over IPsec: both protoport selectors restrict the SA to UDP (protocol 17) port 1701. -->
<br><font size=1 face="Courier New">conn roadwarrior-l2tp</font>
<!-- NOTE(review): auto=start asks the gateway to initiate at startup, but right=%any gives it no peer address to initiate to. The other conns use auto=add, which is the usual choice for a responder. -->
<br><font size=1 face="Courier New"> auto=start</font>
<br><font size=1 face="Courier New"> left=%defaultroute</font>
<br><font size=1 face="Courier New"> leftcert=chpas-linuxvpn.mydomain.com.pem</font>
<br><font size=1 face="Courier New"> leftprotoport=17/1701</font>
<!-- NOTE(review): pfs=no is presumably here because common L2TP/IPsec clients do not propose PFS. It differs from pfs=yes in conn roadwarrior; confirm the difference is deliberate. -->
<br><font size=1 face="Courier New"> pfs=no</font>
<br><font size=1 face="Courier New"> right=%any</font>
<br><font size=1 face="Courier New"> rightprotoport=17/1701</font>
<!-- NOTE(review): L2TP/IPsec clients normally negotiate transport mode; confirm that type=tunnel is intended here. This conn also sets no rightsubnet, unlike roadwarrior-l2tp-oldwin below, which matters for clients behind NAT. -->
<br><font size=1 face="Courier New"> type=tunnel</font>
<br>
<!-- Variant with leftprotoport=17/0; going by the conn name it is presumably for older Windows clients. Verify against the clients actually in use. -->
<br><font size=1 face="Courier New">conn roadwarrior-l2tp-oldwin</font>
<br><font size=1 face="Courier New"> left=%defaultroute</font>
<br><font size=1 face="Courier New"> leftcert=chpas-linuxvpn.mydomain.com.pem</font>
<br><font size=1 face="Courier New"> leftprotoport=17/0</font>
<br><font size=1 face="Courier New"> right=%any</font>
<br><font size=1 face="Courier New"> rightprotoport=17/1701</font>
<!-- The text "?? Is this right" on the next line is the poster's question to the list, not configuration. It must not be present in the real file, where it would be read as part of the rightsubnet value. -->
<br><font size=2 face="Courier New"> </font><font size=1 face="Courier New"><b><i>rightsubnet=vhost:%no,%priv
?? Is this right</i></b></font>
<br><font size=1 face="Courier New"> pfs=no</font>
<br><font size=1 face="Courier New"> auto=add</font>
<br>
<br><font size=1 face="Courier New">#sample#
# To authorize this connection, but
not actually start it, at startup,</font>
<br><font size=1 face="Courier New">#sample#
# uncomment this.</font>
<br><font size=1 face="Courier New">#sample#
#auto=start</font>
<br>
<!-- Pulls in the no_oe.conf file shown in the next listing. -->
<br><font size=1 face="Courier New">#Disable Opportunistic Encryption</font>
<br><font size=1 face="Courier New">include /etc/ipsec.d/examples/no_oe.conf</font><font size=2 face="sans-serif"><br>
</font><font size=1 color=blue face="Verdana"><b><br>
</b></font>
<br>
<!-- Listing 2: the no_oe.conf file included at the end of ipsec.conf. It defines five conns (block, private, private-or-clear, clear, packetdefault) and sets each to auto=ignore; per the file's own header, this disables Opportunistic Encryption. -->
<br><font size=1 color=blue face="Verdana"><b>####### no_oe.conf ###########</b></font>
<br>
<br><font size=1 face="Courier New"># 'include' this file to disable Opportunistic
Encryption.</font>
<br><font size=1 face="Courier New"># See /usr/share/doc/openswan/policygroups.html
for details.</font>
<br><font size=1 face="Courier New">#</font>
<br><font size=1 face="Courier New"># RCSID $Id: no_oe.conf.in,v 1.2 2004/10/03
19:33:10 paul Exp $</font>
<br>
<br><font size=1 face="Courier New">conn block</font>
<br><font size=1 face="Courier New"> auto=ignore</font>
<br>
<br><font size=1 face="Courier New">conn private</font>
<br><font size=1 face="Courier New"> auto=ignore</font>
<br>
<br><font size=1 face="Courier New">conn private-or-clear</font>
<br><font size=1 face="Courier New"> auto=ignore</font>
<br>
<br><font size=1 face="Courier New">conn clear</font>
<br><font size=1 face="Courier New"> auto=ignore</font>
<br>
<br><font size=1 face="Courier New">conn packetdefault</font>
<br><font size=1 face="Courier New"> auto=ignore</font>
<br>
<!-- Listing 3: pppd options file used by l2tpd for the PPP session that runs inside the IPsec-protected L2TP tunnel. -->
<br><font size=1 color=blue face="Verdana"><b>###### options.l2tpd</b></font>
<br>
<!-- NOTE(review): "pcp-accept-local" looks like a truncated paste of the pppd option ipcp-accept-local (compare ipcp-accept-remote on the next line). Confirm against the real file, since an unrecognised option would stop pppd from starting. -->
<br><font size=1 face="Courier New">pcp-accept-local</font>
<br><font size=1 face="Courier New">ipcp-accept-remote</font>
<!-- DNS and WINS server handed to the client; 192.168.10.34 lies inside the 192.168.10.0/24 LAN from ipsec.conf. -->
<br><font size=1 face="Courier New">ms-dns 192.168.10.34</font>
<br><font size=1 face="Courier New">ms-wins 192.168.10.34</font>
<!-- auth requires the peer to authenticate at the PPP layer. NOTE(review): no require-* or refuse-* option is shown, so the accepted PPP authentication protocols are left at pppd's defaults. Consider pinning them, for example refuse-pap together with require-mschap-v2, if the clients support it. -->
<br><font size=1 face="Courier New">auth</font>
<br><font size=1 face="Courier New">crtscts</font>
<br><font size=1 face="Courier New">idle 1800</font>
<!-- NOTE(review): mtu and mru of 1200 are presumably set low to leave room for L2TP and IPsec (and NAT-T) encapsulation overhead. -->
<br><font size=1 face="Courier New">mtu 1200</font>
<br><font size=1 face="Courier New">mru 1200</font>
<br><font size=1 face="Courier New">nodefaultroute</font>
<!-- NOTE(review): debug makes pppd log control packet contents; useful while the setup is being tested, worth removing once it works. -->
<br><font size=1 face="Courier New">debug</font>
<br><font size=1 face="Courier New">lock</font>
<br><font size=1 face="Courier New">proxyarp</font>
<br><font size=1 face="Courier New">connect-delay 5000</font>
<br><font size=1 face="Courier New">nologfd</font><font size=1 color=blue face="Verdana"><b><br>
<br>
<br>
</b></font>