[Openswan Users]

Andy Gay andy at andynet.net
Tue Aug 8 21:12:29 EDT 2006

On Tue, 2006-08-08 at 23:58 +0200, Paul Wouters wrote:
> On Tue, 8 Aug 2006, Greg wrote:
> > conn roadwarrior-l2tp
> >         left=%defaultroute
> >         leftcert=/etc/ipsec.d/certs/cert.pem
> >         leftprotoport=17/1701
> >         right=%any
> You cannot use both %defaultroute and %any, because then openswan
> cannot determine if it is left or right.

You sure? I use that on a few systems, works OK.

Quote from ipsec.conf(5):
"If  it  is %defaultroute, and the config setup section's, interfaces
specification contains %defaultroute, left will be filled in
automatically with the local address of the default-route interface (as
determined at IPsec startup time)"

More information about the Users mailing list