[Openswan Users] L2TP/IPSEC (yet)
Giovani Moda
giovani at mrinformatica.com.br
Sun Nov 20 10:14:17 CET 2005
> No. rekey=no does not mean it is forbidden to rekey. It means "do not
> initiate a rekey". With right=%any, you cannot initiate the rekey.
> Instead,
> the client should do the rekeying. With rekey=no, Openswan will still
> accept the client rekeying.
Good, so I'll keep my config.
> I have just used Openswan 2.4.4 and MacOSX 10.4.3 using L2TP, with
> an mru and mtu of 410 and "use vpn gateway as default gateway".
> I fired up bittorrent and started heavy duty
> networking. Everything workds fine (except at rekey, which is a known
> apple compatibility bug we're working on).
So, maybe that's not MTU and MRU either.
> I was however, using NETKEY and not KLIPS. I believe there are some issues
> with KLIPS in such a setup that needs further investigation.
I could be that. Or it could be something with my router. I mean, what are
the rerquirimentes for the router at the client side? 'Cause a direct
connection works like a charm. As far as I can see, the problem relies
with the gateway sending packets to the nated box. Maybe theres something
getting stucked somewere. I was acctually looking for some guidance, not
blaming it on openswan.
Any tips?
Giovani
More information about the Users
mailing list