[Openswan Users] L2TP Windows XP Client with openswan

Urmo urmo at mindworks.ee
Mon Jan 31 16:30:57 CET 2005

> From: Paul Wouters [mailto:paul at xelerance.com] 
> Subject: Re: [Openswan Users] L2TP Windows XP Client with openswan

> This is the clash that cannot work. Also, please do not use 
> the subnetwithin syntax, as this is obsoleted by the vhost syntax.
Hmm, setting right subnet according to many suggestions:


makes my ipsec "reboot" endlessly. I.e. it sleeps for ten seconds, then
tries again filling logs with huge amount of bootup messages, probably
problem causing is "ASSERTION FAILED at connections.c:1293:
isanyaddr(&c->spd.that.host_addr)". If I comment this line or set
rightsubnet to something more reliable, it starts normally.

> but the authentication problem I think is due to not having 
> the proper PSK secret in /etc/ipsec.secrets. Since you sent 
> an id of "@it.hq.mwx.ee", this needs to match in the 
> ipsec.secrets file,eg:

What authentication problem? My ipsec.secrets contained %any: PSK "****************"
and that passed quite ok according to the logs. At least as much as I could
make out of it. If I deliberatly mistyped PSK at client side, log showed
authentication failure quite clearly.


More information about the Users mailing list