[Openswan Users] L2TP/IPSec with straight IPsec in the same server
stjames08 at yahoo.co.uk
Thu Dec 14 10:35:03 EST 2006
I have a unique problem with my VPN setup. For a while now, I have had L2TP/VPN working (with x509) quite well. I have it interface with RADIUS for authentication. I would love to keep this as my only VPN access, but it is difficult setting up third parties, e.g. application support engineers from companies I deal with, since most of them would have some form of VPN client set up already on their PC.
So I stuck an extra network interface card with a new address range in, then configured a tunnel connection. This came up fine, but I cannot ping any of the ends from the connection. I have checked the routing on both ends.
What I would like to know is whether it is possible to run the two connections (transport & tunnel) together. I noticed that openswan will not work with both set to %any. Is there a configuration workaround? For the tunnel mode I am testing with an evaluation version of Greenbow - mostly Windows clients.
Secondly, I have many other networks hanging off the router. At work, these are all reachable, but via the L2TP/VPN they are not. Is there a way to set routing to go out via the IPsec link when people are using L2TP?
This is my ascii diagram of the network...
10.10.1.3 ----10.10.net.gw----10.10.1.57/10.9.181.41/29---openswan-------10.10.1.240 (openswan internal gw) ----- 193.x.x.x (openswan Internet gw) ---------- DSL Internet ip --------- 192.168.1.0/24 (vpn clients l2tp/ipsec tunnel)
[network hanging off 10.10.net]