<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
<font size="-1"><font face="Helvetica, Arial, sans-serif">Your
configuration would work if you're connecting from a NAT
network. OSX/iPhone doesn't have any problems with that. It is
when you connect from a public address that you have problems.
You either need to have forceencaps=yes or nat_traversal off for
public to work. I'm trying to get both working at the same
time.<br>
<br>
Paul this issue is unrelated to this bug right? It seems
similar:<br>
<br>
<a class="moz-txt-link-freetext" href="https://gsoc.xelerance.com/view.php?id=773">https://gsoc.xelerance.com/view.php?id=773</a><br>
</font></font><br>
On 09/26/2011 05:47 PM, Willie Gillespie wrote:
<blockquote cite="mid:4E810F1B.3020807@es2eng.com" type="cite">
<pre wrap="">On Mon, 26 Sep 2011, Pete Ashdown wrote:
</pre>
<blockquote type="cite">
<pre wrap="">With some help from Paul, I was able to get OSX Lion to connect the following configuration. iPhone also works:
Any thoughts are appreciated.
</pre>
</blockquote>
<pre wrap="">
The only differences between my config and yours are the following
(snipped to just the differences):
rightsubnet=vhost:%priv
# Apple iOS doesn't send delete notify so we need dead peer
detection
# to detect vanishing clients
dpddelay=10
dpdtimeout=90
dpdaction=clear
# Set ikelifetime and keylife to same defaults Windows has
ikelifetime=8h
keylife=1h
# l2tp-over-ipsec is transport mode
type=transport
You have rightsubnet=vhost:%no,%priv where mine doesn't have the %no. I
can't recall right now what that does.
</pre>
</blockquote>
<br>
%no = public addresses, %priv = private addresses<br>
<br>
</body>
</html>