[Openswan Users] Roadwarrior Help

Jacco de Leeuw jacco2 at dds.nl
Wed Aug 11 18:16:05 CEST 2004


>>In your case you might have to add the following to the config setup and
>>config roadwarrior sections:
>>
>>config setup
>>~	< .. >
>>~	nat_traversal=yes
>>~	virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
>>
>>conn roadwarrior
>>~	< .. >
>>~	rightsubnet=vhost:%no,%priv

Some additional remarks:

- Either SP2 or the NAT-T update (Q818043) has to be installed on XP.
- IPsec passthrough has to be disabled on the 'DSL RTR'.
- There are some problems with PSKs and NAT-T. Use certificates instead.

>>~	rightprotoport=17/0
>>~	leftprotoport=17/1701
> You should also be able to use rightprotoport=17/%any 

No, Kyle seems to be using Marcus Mueller's IPSEC.EXE tool and not L2TP,
so these (left|right)protoport statements are not needed.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list