[Openswan Users] Window XP <-> Debian
Jacco de Leeuw
jacco2 at dds.nl
Sun Jul 23 12:35:31 CEST 2006
Brian Sheets wrote:
> I am running debian vmlinuz-2.6.8-2-386, with openswan 1:2.2.0-8, l2tpd
> 0.70-pre20031121-2 as the openswan box
>
> Windows XP SP2, using windows vpn client
>
> 192.168.23.x (x:1 NAT) <-> netscreen 5gt <-> internet <-> debian box
> <-> 10.x.x.x (1:1 NAT)
The XP client is located behind the Netscreen, right?
> config setup
> interfaces=%defaultroute
> nat_traversal=yes
If the Netscreen is doing NAT, you need to add:
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!10.0.0.0/24
(assuming that your 10.x.x.x is 10.0.0.0/24; if it isn't, you've got
a very large network behind the Debian box).
> right=%any
> rightrsasigkey=%cert
> rightprotoport=17/1701
rightsubnet=vhost:%no,%priv
> I am logging in as two separate users, but I am using the same cert.
I don't think that's a good idea. Can you make two seperate client
certs?
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
More information about the Users
mailing list