[Openswan Users] L2TP Windows XP Client with openswan
Urmo
urmo at mindworks.ee
Mon Jan 31 16:30:57 CET 2005
> From: Paul Wouters [mailto:paul at xelerance.com]
> Subject: Re: [Openswan Users] L2TP Windows XP Client with openswan
> This is the clash that cannot work. Also, please do not use
> the subnetwithin syntax, as this is obsoleted by the vhost syntax.
Hmm, setting right subnet according to many suggestions:
rightsubnet=vhost:%no,%priv
makes my ipsec "reboot" endlessly. I.e. it sleeps for ten seconds, then
tries again filling logs with huge amount of bootup messages, probably
problem causing is "ASSERTION FAILED at connections.c:1293:
isanyaddr(&c->spd.that.host_addr)". If I comment this line or set
rightsubnet to something more reliable, it starts normally.
> but the authentication problem I think is due to not having
> the proper PSK secret in /etc/ipsec.secrets. Since you sent
> an id of "@it.hq.mwx.ee", this needs to match in the
> ipsec.secrets file,eg:
What authentication problem? My ipsec.secrets contained
194.106.125.147 %any: PSK "****************"
and that passed quite ok according to the logs. At least as much as I could
make out of it. If I deliberatly mistyped PSK at client side, log showed
authentication failure quite clearly.
Urmo
More information about the Users
mailing list