<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000">
<font size="-1"><font face="Helvetica, Arial, sans-serif">With some
help from Paul, I was able to get OSX Lion to connect with the
following configuration. iPhone also works:<br>
<br>
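version 2.0<br>
config setup<br>
&nbsp;&nbsp;&nbsp;&nbsp;nat_traversal=yes<br>
&nbsp;&nbsp;&nbsp;&nbsp;virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12<br>
&nbsp;&nbsp;&nbsp;&nbsp;oe=off<br>
&nbsp;&nbsp;&nbsp;&nbsp;protostack=netkey<br>
&nbsp;&nbsp;&nbsp;&nbsp;forceencaps=yes<br>
<br>
conn L2TP-PSK<br>
&nbsp;&nbsp;&nbsp;&nbsp;authby=secret<br>
&nbsp;&nbsp;&nbsp;&nbsp;pfs=no<br>
&nbsp;&nbsp;&nbsp;&nbsp;rekey=no<br>
&nbsp;&nbsp;&nbsp;&nbsp;keyingtries=3<br>
&nbsp;&nbsp;&nbsp;&nbsp;rightsubnet=vhost:%no,%priv<br>
&nbsp;&nbsp;&nbsp;&nbsp;left=(default router)<br>
&nbsp;&nbsp;&nbsp;&nbsp;leftprotoport=17/1701<br>
&nbsp;&nbsp;&nbsp;&nbsp;right=%any<br>
&nbsp;&nbsp;&nbsp;&nbsp;rightprotoport=17/%any<br>
&nbsp;&nbsp;&nbsp;&nbsp;auto=add<br>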
<br>
<br>
My problem now is that Windows 7 refuses to cooperate. If I
remove the necessary "forceencaps" for OSX Lion, it works just
fine. I've tried making a separate connection like this:<br>
<br>
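conn windows<br>
&nbsp;&nbsp;&nbsp;&nbsp;leftprotoport=17/1701<br>
&nbsp;&nbsp;&nbsp;&nbsp;rightprotoport=17/1701<br>
&nbsp;&nbsp;&nbsp;&nbsp;also=PSK<br>
<br>
conn osx<br>
&nbsp;&nbsp;&nbsp;&nbsp;leftprotoport=17/1701<br>
&nbsp;&nbsp;&nbsp;&nbsp;rightprotoport=17/%any<br>
&nbsp;&nbsp;&nbsp;&nbsp;forceencaps=yes<br>
&nbsp;&nbsp;&nbsp;&nbsp;also=PSK<br>
<br>
conn PSK<br>
&nbsp;&nbsp;&nbsp;&nbsp;[...]<br>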
<br>
<br>
But no matter what port OSX picks that isn't 1701, openswan
always matches its connection to whatever comes first in the
list.<br>
<br>
Any thoughts are appreciated.<br>
<br>
<br>
</font></font>
</body>
</html>