[Openswan Users] Working IPSec/L2TP for Windows clients with X.509 and NAT-T details

Jacco de Leeuw jacco2 at dds.nl
Wed Mar 16 10:41:30 CET 2005

Alan Whinery wrote:

> I have posted some info on a working setup at:
> http://thundarr.its.hawaii.edu/advanced/make_work/IPSec/Openswan_Windows_x509/index.html 
> It uses Openswan, Kernel IPSec, l2tpns.

Thanks! I was not aware of l2tpns. I guess it is a good alternative
in situations where l2tpd just doesn't cut it.

Some small questions:

- You write: "I never did get [racoon] to do NAT traversal, which is
   the reason for [using Openswan]. Apparently, racoon will not set up
   NAT-T in transport mode". Can anyone confirm this?

- virtual_private=%v4:,%v4:,%v4:
   Don't you need to exclude your LAN (presumably and here?

- There is no mention in the l2tpns documentation of required features
   for the RADIUS server. May I ask what RADIUS server you are using?

Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl

More information about the Users mailing list