[Openswan Users] Linux L2TP client behind NAT
Jacco de Leeuw
jacco2 at dds.nl
Sun Aug 19 18:17:19 EDT 2007
Gbenga wrote:
> I have a Linux L2TP client with Openswan 2.4.9 that needs to connect to another
> Openswan 2.4.7 VPN/L2TP server.

> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12

Hm, I don't remember if the local and/or remote subnets have to be
excluded in the virtual_private parameter on the Linux client.
We'll find out later :-)

> right=193.x.x.x
> rightprotoport=17/%any

Use rightprotoport=17/1701 here.

> rekey=no

That's a mistake on my part. Should be rekey=yes for the client
(the server has rekey=no).

> pfs=yes

Good :-). The server has pfs=no but they will negotiate PFS anyway.

> [lac vpnx]
> lns = 10.10.1.57

This should be the same public IP address as specified in ipsec.conf
with the right= parameter. I.e. lns = 193.x.x.x
Sorry if that wasn't clear enough.

Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
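
Added example, not part of the original message or of Openswan: a small Python check for the three corrections given in the reply above (rightprotoport, rekey, and lns matching right=). The conn name L2TP-PSK-CLIENT, the function names and the sample text are constructed for illustration, and each input is assumed to hold a single conn or lac section.

```python
# Constructed sample input: the client settings as quoted in the thread.
# The conn name is hypothetical; the thread does not show it.
IPSEC_CONF = """\
conn L2TP-PSK-CLIENT
    right=193.x.x.x
    rightprotoport=17/%any
    rekey=no
    pfs=yes
"""
L2TPD_CONF = """\
[lac vpnx]
lns = 10.10.1.57
"""


def parse_kv(text):
    """Return key/value pairs from one section, skipping comments and headers."""
    pairs = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#;" or "=" not in line:
            continue
        key, value = line.split("=", 1)
        pairs[key.strip()] = value.strip()
    return pairs


def check_client(ipsec_text, l2tpd_text):
    """List the corrections from the reply that the client config still needs."""
    ipsec, l2tp = parse_kv(ipsec_text), parse_kv(l2tpd_text)
    findings = []
    if ipsec.get("rightprotoport") != "17/1701":
        findings.append("rightprotoport: use 17/1701")
    if ipsec.get("rekey") != "yes":
        findings.append("rekey: use yes on the client")
    if l2tp.get("lns") != ipsec.get("right"):
        findings.append("lns: must be the same address as right=")
    return findings


if __name__ == "__main__":
    for finding in check_client(IPSEC_CONF, L2TPD_CONF):
        print(finding)
```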