[Openswan Users] oakley.log for letoto
James
james at nttmcl.com
Fri Jun 1 19:06:02 EDT 2007
Jacco de Leeuw wrote:
> There are a few errors in Nate Carlson's sample config.
> Use the sample files included with Openswan, or see my webpage.
>
> Jacco
>
Still the same problems
Oakley log looks pretty much the same
This is my new config:
version 2.0
config setup
interfaces=%defaultroute
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:xxx.xxx.xxx.192/27
conn roadwarrior-l2tp
authby=rsasig
leftrsasigkey=%cert
left=%defaultroute
leftcert=/etc/ipsec.d/certs/vpnserver.pem
leftprotoport=17/1701
rightrsasigkey=%cert
right=%any
rightca=%same
rightprotoport=17/1701
rightsubnet=vhost:%no,%priv
pfs=no
auto=add
rekey=no
conn roadwarrior-l2tp-old
authby=rsasig
leftrsasigkey=%cert
left=%defaultroute
leftcert=/etc/ipsec.d/certs/vpnserver.pem
leftprotoport=17/0
rightrsasigkey=%cert
right=%any
rightca=%same
rightprotoport=17/1701
rightsubnet=vhost:%no,%priv
pfs=no
auto=add
rekey=no
conn roadwarrior
authby=rsasig
leftrsasigkey=%cert
left=%defaultroute
leftsubnet=xxx.xxx.xxx.192/27
leftcert=/etc/ipsec.d/certs/vpnserver.pem
rightrsasigkey=%cert
right=%any
rightsubnet=vhost:%no,%priv
auto=add
pfs=yes
conn block
auto=ignore
conn private
auto=ignore
conn private-or-clear
auto=ignore
conn clear-or-private
auto=ignore
conn clear
auto=ignore
conn packetdefault
auto=ignore
More information about the Users
mailing list