[Openswan Users] Working IPSec/L2TP for Windows clients with
X.509 and NAT-T details
Jacco de Leeuw
jacco2 at dds.nl
Wed Mar 16 10:41:30 CET 2005
Alan Whinery wrote:
> I have posted some info on a working setup at:
>
> http://thundarr.its.hawaii.edu/advanced/make_work/IPSec/Openswan_Windows_x509/index.html
>
> It uses Openswan, Kernel 2.6.11.2 IPSec, l2tpns.
Thanks! I was not aware of l2tpns. I guess it is a good alternative
in situations where l2tpd just doesn't cut it.
Some small questions:
- You write: "I never did get [racoon] to do NAT traversal, which is
the reason for [using Openswan]. Apparently, racoon will not set up
NAT-T in transport mode". Can anyone confirm this?
- virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
Don't you need to exclude your LAN (presumably 192.168.94.0/24 and
192.168.9.0/24) here?
- There is no mention in the l2tpns documentation of required features
for the RADIUS server. May I ask what RADIUS server you are using?
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list