[Openswan Users] WinXP Roadwarrior cannot connect to xl2tpd

Stefan Denker Stefan at dn-kr.de
Tue Nov 7 12:19:35 EST 2006


On Tue, Nov 07, 2006 at 05:12:28PM +0100, Jacco de Leeuw wrote:
>>conn khdn-rw
>>        right=%any
>>        rightsubnet=vhost:%priv,%no
>>        rightprotoport=17/%any
> Could you try with rightprotoport=17/1701? For some reason the
> combination of the three lines above results in L2TP packets
> being sent in the clear (Paul?).

I will... I don't like the fact of unpatched workstations being allowed 
into our companies net.

> Unfortunately this change means that MacOS X clients are excluded.
> Do you use Macs?

Not that I am aware of.

>>        dpddelay=60
>>        dpdtimeout=240
>>        dpdaction=clear
> By the way, this won't work with Windows and Mac clients because
> they don't support Dead Peer Detection. It will be ignored but if
> you also have Linux L2TP/IPsec clients it could be of use.

I know... But I thought I'd enable it, there might be some roadwarrior
capable.

Thanks, 

Stefan
-- 
           Blessed are the pessimists, for they make backups.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20061107/826e195c/attachment-0001.bin 


More information about the Users mailing list