[Openswan Users] VPN-1 Edge X to Openswan success (AES)

Jerry Kaidor jerry at tr2.com
Fri Dec 16 15:28:21 CET 2005

> Jerome Kaidor wrote:
>> Connections will sometimes be partially set up, and the server
>> then locks my IP out so I can't even SSH in to fix it.
> I really curious what kernel and Openswan version you are using.
*** Kernel version 2.4.31, Openswan 2.3.1.

> And is it running NETKEY or KLIPS?
*** KLIPS.

   One decent workaround I found is to ssh to another system somewhere
where I have a shell account.  Then ssh from there into the "locked-out"
Openswan node.

   Everything in the world can be fixed.  But I want to have a system
where _I_ control all the IPSEC stuff.  As you pointed out, Windows is a
closed system.   I will probably have to support L2TP/Ipsec for when my
customer goes travelling, but only on a "best effort" basis.

   I got l2tp/ipsec working on my WinXP laptop talking to my own Openswan
server.  I was using a dialout account to let me be logically outside the
house - and coming into the server from the open Internet.

   Then I went travelling and stayed at a motel with free wireless.   The
free wireless worked.  The Ipsec/L2TP didn't :(.   It was the old
"connection set up but not quite complete and lock out that IP address"

   I'm not asking for any troubleshooting here, because I know I have not
provided any information - no ipsec.conf, no ipsec barf no nothing.  But
you did ask :).

                    - Jerry Kaidor ( jerry at tr2.com )

More information about the Users mailing list