[Openswan Users] WLAN IPsec implementation
Bryan McAninch
bryan at mcaninch.org
Sun May 15 18:08:46 CEST 2005
Have you tried using 'right=w.x.y.z", where w.x.y.z is the IP of your
laptop? I have found that using more specific settings usually helps narrow
the scope of where a problem is. One thing I failed to mention in my last
post, is that I force my laptop to use a static IP, b/c of the PSK
constraints. In that case, you wouldn't need 'right=%any', which is really
only useful for authenticating clients with x.509 certificates, which /can/
have /any/ IP.
FYI I am using native XP IPSec.
Let me know if I can provide further assistance.
Bryan
-----Original Message-----
From: Zach [mailto:zach at zerobit.net]
Sent: Sunday, May 15, 2005 1:41 PM
To: 'Bryan McAninch'
Cc: users at openswan.org
Subject: RE: [Openswan Users] WLAN IPsec implementation
Oddly enough it looks like when I specify the right side of the
connection with anything other than %any I get the ubiquitous "No connection
is known for..." error message. Also having the leftsubnet=0.0.0.0/0
specified in the connection does this, even with right=%any. I'm not sure
why, earlier in the logs it see the IKE packets coming from what's specified
in "right=".
I also noticed you don't have Openswan setup to tunnel l2tp, I
considered this option as well, but it appears the ipsec.exe only works with
x509 certs (I've since switched from certs to PSK auth, with the same
results). Mind me asking what you use?
------------------------------------------------
PGP public key:
http://www.zerobit.net/zach.asc
KeyID:
0x98DEBD82
<----- snip ----->
More information about the Users
mailing list