[Openswan Users] Problem with securing l2tpd (NETKEY 2.6)
Adrian Gruntkowski
adrian at ima.pl
Thu Jun 14 20:07:33 EDT 2007

>>Everything works fine, however my pain is l2tpd listening on all
>>interfaces (public ones included). Both l2tpd and openswan are
>>on the same physical server.

> Include this in your /etc/xl2tpd/xl2tpd.conf file. That will make
> l2tp daemon listen on your internal ip. Make sure to restart your l2tpd service.
>
> [global]
> listen-addr = [internal ip]

This would work if it was KLIPS. I have been struggling with it for days
but couldn't make it work with NAT-T (the module was crashing - couldn't find
any solution), so I've switched to NETKEY. The problem is that there's
no ipsec interface anymore, so I can't redirect traffic from the tunnel
to l2tpd listening on the internal interface.

The other thing I've found in the kernel is:

    XFRM (IPSec) Networking Security Hooks

As far as I know it's SELinux related - I've no experience with it.
I looked for some documentation on that topic but couldn't find
anything.

Greetings,
adrian at ima.pl
Adrian Gruntkowski