[Openswan Users] No connection added using vhost
Neil Ballantyne
Neil at liquide.uk.com
Thu Jun 9 18:42:19 CEST 2005
Hi,
Having trouble getting rightsubnet=vhost:%no,%priv to work. If I comment
out the line the connection is defined (and works for both NATed and
non-NATed connections), if I uncomment the line the connection
description is not added (or mentioned at all in the logs).
Openswan 2.3.0 (NAT-T 0.6c)
Ipsec.conf:
# /etc/ipsec.conf
version 2.0
config setup
interfaces=%defaultroute
plutodebug = none
uniqueids = yes
nat_traversal = yes
virtual_private = %v4:10.0.2.0/24,%v4:!10.0.1.0/24
conn %default
keyingtries=1
keylife = 60m
compress=no
disablearrivalcheck=no
authby=rsasig
leftrsasigkey=%cert
rightrsasigkey=%cert
conn roadWarrior-l2tp
type = transport
left = xxx.xxx.xxx.xxx
leftnexthop = yyy.yyy.yyy.yyy
leftcert = fw0-cert.pem
leftprotoport = 17/1701
right = %any
rightprotoport = 17/1701
#rightsubnet = vhost:%no,%priv
auto = add
pfs = no
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
Thanks,
--
neil
More information about the Users
mailing list