[Openswan Users] Only single and initial connection permitted

Jacco de Leeuw jacco2 at dds.nl
Thu Jul 21 00:20:32 CEST 2005

Oliver Tomkins wrote:

> I've enabled the Windows 2000 client to log to the system log and it 
> basically says the same thing and it doesn't get as far as the PPP stage 
> so that remains empty.
> The client machines come to the firewall > to the IPSEC box where we use 
> DNAT & SNAT to rewrite the packets to the l2tpd box on the internal 
> subnet.

Well, do you see anything in the l2tpd logs? Can you sniff the
link between the Openswan box and the l2tpd box? If there are
no packets, you'll have to find out where they have gone. Is there
a firewall involved somewhere?

> Also I can't quite seem to figure out how we can force a particular 
> client to use a certain connection definition??

I see only one connection definition in the ipsec.conf that you
posted. If there are other ones, you could use different
rightid or rightcert lines. I would also recommend rightca=%same.

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl
