[Openswan Users] linux roadwarrior + XP l2tp conn with ids will not work.

Brett Curtis dashnu at gmail.com
Mon Aug 28 16:51:26 EDT 2006


I have finally established a linux to linux roadwarrior connection.

Gateway:
conn linux-to-linux
         authby=rsasig
         left=<external ip>
         leftid=@vpn.domain.net
         leftsubnet=172.17.170.0/24
         leftrsasigkey=0sAQOapWmExxxx.....
         right=%any
         rightid=@road.you.com
         rightsubnet=vhost:%no,%priv
         rightrsasigkey=0sAQN/WxhRxxxx......
         auto=add

Roadwarrior:
conn linux-to-linux
         authby=rsasig
         right=<external ip>
         rightid=@vpn.domain.net
         rightsubnet=172.17.170.0/24
         rightrsasigkey=0sAQOapWmExxxx.......
         left=%defaultroute
         leftid=@road.you.com
         leftrsasigkey=0sAQN/WxhRxxxx.......
         auto=add

I am able to ping the remote gateway by internal IP; tcpdump shows UDP-encapsulated ESP... so all seems well.

The problem is my XP clients try to use this conn rather than this:

conn roadwarrior-osx-xp
         leftprotoport=17/1701
         rightprotoport=17/%any
         rekey=no
         also=roadwarrior

conn roadwarrior
         authby=secret
         pfs=no
         type=tunnel
         left=%defaultroute
         right=%any
         rightsubnet=vhost:%no,%priv
         auto=add

I thought this was what the ids were for, but they do not seem to be doing their job for me. I had this problem before but never found a resolution for it.

Can we use two conns with right=%any ?

Brett Curtis
dashnu at gmail.com
http://teh.sh.nu
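The question above turns on how several `right=%any` conns in one ipsec.conf can be told apart. As an added example that is not part of the post or of Openswan itself, the script below parses conn sections in the ipsec.conf style, expands `also=` the way the ipsec.conf man page describes (the including conn's own keys win), and then reports, for every pair of road-warrior conns, which configured attributes distinguish them; a pair with no distinguishing attribute is flagged as a conflict. The embedded config is a constructed copy of the conns quoted in the post with placeholder addresses and keys. It only compares configuration; which conn Openswan actually selects at IKE time (by authentication method and IDs in Main Mode, then by protoport selectors in Quick Mode) is not modelled here.

```python
"""Lint ipsec.conf-style conns: which attributes separate right=%any conns.
Added example; not from the original post and not Openswan code."""
import re
from collections import defaultdict

# Constructed sample modelled on the conns quoted in the post.
# Addresses and RSA keys are placeholders, not real values.
SAMPLE_CONF = """
version 2.0
config setup
    nat_traversal=yes

conn linux-to-linux
    authby=rsasig
    left=192.0.2.1
    leftid=@vpn.domain.net
    leftsubnet=172.17.170.0/24
    leftrsasigkey=0sPLACEHOLDER-GATEWAY-KEY
    right=%any
    rightid=@road.you.com
    rightsubnet=vhost:%no,%priv
    rightrsasigkey=0sPLACEHOLDER-ROADWARRIOR-KEY
    auto=add

conn roadwarrior-osx-xp
    leftprotoport=17/1701
    rightprotoport=17/%any
    rekey=no
    also=roadwarrior

conn roadwarrior
    authby=secret
    pfs=no
    type=tunnel
    left=%defaultroute
    right=%any
    rightsubnet=vhost:%no,%priv
    auto=add
"""

def parse_conns(text):
    """Return {name: {key: value}} for each 'conn' section.
    'config setup' and the 'version' line are skipped; '#' starts a comment."""
    conns = {}
    current = None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = re.match(r"^(conn|config)\s+(\S+)$", line)
        if m:
            current = {} if m.group(1) == "conn" else None
            if current is not None:
                conns[m.group(2)] = current
            continue
        if current is None or "=" not in line:
            continue
        key, value = line.split("=", 1)
        current[key.strip()] = value.strip()
    return conns

def expand(conns, name, seen=None):
    """Merge 'also=' sections; keys set in the including conn take precedence."""
    seen = seen or set()
    if name in seen:
        raise ValueError("also= loop at " + name)
    seen.add(name)
    own = dict(conns[name])
    also = own.pop("also", None)
    if also is None:
        return own
    merged = expand(conns, also, seen)
    merged.update(own)
    return merged

def distinguishing_attrs(conns):
    """For each pair of conns with right=%any, the set of keys whose values
    differ (a key present on only one side counts as differing)."""
    expanded = {n: expand(conns, n) for n in conns}
    roadwarriors = sorted(n for n, c in expanded.items() if c.get("right") == "%any")
    result = {}
    for i, a in enumerate(roadwarriors):
        for b in roadwarriors[i + 1:]:
            ca, cb = expanded[a], expanded[b]
            result[(a, b)] = {k for k in set(ca) | set(cb) if ca.get(k) != cb.get(k)}
    return result

def conflicts(conns):
    """Pairs of right=%any conns that nothing in the config tells apart."""
    return [pair for pair, diff in distinguishing_attrs(conns).items() if not diff]

if __name__ == "__main__":
    conns = parse_conns(SAMPLE_CONF)
    for (a, b), diff in distinguishing_attrs(conns).items():
        print(f"{a} vs {b}: differ in {sorted(diff) or 'NOTHING'}")
    print("conflicts:", conflicts(conns))
```

Run against the sample, the roadwarrior and roadwarrior-osx-xp conns differ only in the L2TP protoport selectors and `rekey`, while linux-to-linux is separated from both by `authby` and `rightid` among others; that is the list of attributes an administrator can check against the IDs and authentication method a given peer actually presents.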