[Openswan Users] WinXP Behind Nat to Openswan Server Behind NAT
Jacco de Leeuw
jacco2 at dds.nl
Mon Jul 17 09:41:03 CEST 2006
Meron Lavie wrote:
> Since all my company's WinXP's are NAT-ted, I added "
> rightsubnet=vhost:%no,%priv ". However, if I add that parameter then my
> internal connection doesn't work anymore, and if I try "ipsec verify", I
> get:
>
> conn L2TP-PSK-EXTERNAL
> authby=secret
> rightsubnet=vhost:%no,%priv
rightsubnet= is not required for PSKs. I don't know why it is needed
for certificates and not for PSKs...
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list