[Openswan Users] VPN-1 Edge X to Openswan success (AES)
Jerry Kaidor
jerry at tr2.com
Fri Dec 16 15:28:21 CET 2005
> Jerome Kaidor wrote:
>
>> Connections will sometimes be partially set up, and the server
>> then locks my IP out so I can't even SSH in to fix it.
>
> I really curious what kernel and Openswan version you are using.
*** Kernel version 2.4.31, Openswan 2.3.1.
> And is it running NETKEY or KLIPS?
*** KLIPS.
One decent workaround I found is to ssh to another system somewhere
where I have a shell account. Then ssh from there into the "locked-out"
Openswan node.
Everything in the world can be fixed. But I want to have a system
where _I_ control all the IPSEC stuff. As you pointed out, Windows is a
closed system. I will probably have to support L2TP/Ipsec for when my
customer goes travelling, but only on a "best effort" basis.
I got l2tp/ipsec working on my WinXP laptop talking to my own Openswan
server. I was using a dialout account to let me be logically outside the
house - and coming into the server from the open Internet.
Then I went travelling and stayed at a motel with free wireless. The
free wireless worked. The Ipsec/L2TP didn't :(. It was the old
"connection set up but not quite complete and lock out that IP address"
symptom.
I'm not asking for any troubleshooting here, because I know I have not
provided any information - no ipsec.conf, no ipsec barf no nothing. But
you did ask :).
- Jerry Kaidor ( jerry at tr2.com )
More information about the Users
mailing list