[Openswan Users] Can't connect Win98 MSL2TP client to OpenSwan
Server
Jacco de Leeuw
jacco2 at dds.nl
Wed Jun 29 17:07:55 CEST 2005
Mark Cave-Ayland wrote:
> I'm having trouble trying to setup a VPN using OpenSwan v1.0.7, X509
> certificates, and a roadwarrier Win98 using the MSL2TP client behind a
> masquerading router. This is on a Linux 2.4 kernel using KLIPS.
Are you using IPCop, by any chance? I'm asking because they are still
using Openswan 1.0.7 while the Openswan team encourages Openswan-2.
> virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!192
> .168.2.0/24,%v4:!192.168.3.0/24
>
> conn l2tp-win2kxpsp2
> # Use PSK, disable PFS
> #authby=secret
> pfs=no
> # Left (local host)
> left=213.x.x.x
> leftcert=cacerts/cacert.pem
Is this the root certificate? If so, then this is incorrect.
You need to issue a separate certificate for the server.
> leftprotoport=17/1701
> leftnexthop=%defaultroute
> # Right (remote host)
> right=%any
> rightid="C=GB, ST=Devon, L=Plymouth, O=WebBased Ltd, OU=VPN, CN=*"
> rightprotoport=17/1701
You forgot to add:
rightsubnet=vhost:%no,%priv
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list