[Openswan Users]
Andy Gay
andy at andynet.net
Tue Aug 8 21:12:29 EDT 2006
On Tue, 2006-08-08 at 23:58 +0200, Paul Wouters wrote:
> On Tue, 8 Aug 2006, Greg wrote:
>
> > conn roadwarrior-l2tp
> > left=%defaultroute
> > leftcert=/etc/ipsec.d/certs/cert.pem
> > leftprotoport=17/1701
> > right=%any
>
> You cannot use both %defaultroute and %any, because then openswan
> cannot determine if it is left or right.
You sure? I use that on a few systems, works OK.
Quote from ipsec.conf(5):
"If it is %defaultroute, and the config setup section's, interfaces
specification contains %defaultroute, left will be filled in
automatically with the local address of the default-route interface (as
determined at IPsec startup time)"
More information about the Users
mailing list