[Openswan Users] Roadwarrior windows xp client to Openswan Linux server and finally to windows xp client

Jure Baznik babylon9 at gmail.com
Mon Mar 12 13:37:18 EDT 2007


Hi, I have this network:

Windows xp client 1
Openswan server                        Windows Xp client 2

Internet                                                             lan
eth0: 193.2.76.229  ------------------------------------------------- eth0:
193.2.76.224 -------------------- eth0: 10.10.10.3
eth1: 10.10.10.1
eth1: 10.10.10.1


I want to connect from Windows XP client 1 (which acts as a roadwarrior) to
Windows XP client 2 through the Openswan Linux server. I can reach the
Openswan server from Windows XP client 1, but I am stuck on how to connect
to Windows XP client 2. I have tried many things, but none of them work.
I'm using Ubuntu, NETKEY, and certificates with L2TP. I would really
appreciate any help.

My configuration is like this:

ipsec.conf

version    2.0

# Global pluto/IPsec settings shared by every conn below.
config setup
    # interfaces= binds ipsecN virtual devices to physical ones; this is a
    # KLIPS-stack setting. NOTE(review): the post says NETKEY is in use, where
    # this line is presumably ignored - confirm which stack is actually loaded.
    interfaces="ipsec0=eth0 ipsec1=eth1"
    # Enable NAT traversal so clients behind a NAT device can connect.
    nat_traversal=yes
    # virtual_private lists the address ranges a NATed client may claim as its
    # own inner address; the "!" entry excludes the server's own LAN
    # (10.10.10.0/24) so a client cannot claim an address inside the protected
    # network.
    # NOTE(review): as posted, the value is wrapped onto a second line and ends
    # in a "<http://...>" suffix that repeats the value URL-encoded. Both look
    # like mail-client artifacts; in the real file the value presumably sits on
    # one line and ends at "%v4:!10.10.10.0/24" - confirm against the file.
    virtual_private=%v4:
10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.10.10.0/24<http://10.0.0.0/8,%25v4:192.168.0.0/16,%25v4:172.16.0.0/12,%25v4:%2110.10.10.0/24>

# Defaults inherited by every conn that does not override them.
conn %default
    # Give up after a single negotiation attempt instead of retrying.
    keyingtries=1
    # Propose IPComp compression to the peer.
    compress=yes
    disablearrivalcheck=no
    # Authenticate both ends with RSA signatures; "%cert" means the public key
    # is taken from the X.509 certificate each side presents.
    authby=rsasig
    leftrsasigkey=%cert
    rightrsasigkey=%cert
    # NOTE(review): combined with right=%any in the conns below, nothing here
    # pins the client identity or issuing CA. Presumably any certificate that
    # chains to a CA trusted by this host is accepted - consider constraining
    # it (e.g. rightca= or rightid=) and confirm CRL handling.

# Tunnel variant of "roadwarrior": same parameters (pulled in via also=) plus
# a subnet behind the server.
conn roadwarrior-net
    # 0.0.0.0/0 offers the whole IPv4 address space behind the server, i.e. the
    # client may route everything through the tunnel.
    # NOTE(review): if the goal is only to reach the LAN host at 10.10.10.3, a
    # narrower selector such as the 10.10.10.0/24 LAN would expose less -
    # confirm the intent.
    leftsubnet= 0.0.0.0/0
    also=roadwarrior

# Tunnel variant of "roadwarrior2" (the LAN-side listener): inherits its
# parameters via also= and adds a subnet behind the server.
conn roadwarrior-net2
    # Same full-range selector as roadwarrior-net: every IPv4 destination is
    # declared reachable behind the server for clients using this conn.
    leftsubnet=0.0.0.0/0
    also=roadwarrior2

# Host-to-host conn for roadwarrior clients arriving on the server's public
# address.
conn roadwarrior
    # left is this server (public side) and identifies itself with kaktus.crt.
    left=193.2.76.229
    leftcert=kaktus.crt
    # right=%any accepts a client from any source address; authentication then
    # rests entirely on the certificate check.
    right=%any
    # vhost:%no,%priv accepts a client that is either not behind NAT (%no) or
    # uses an inner address from the virtual_private ranges (%priv).
    rightsubnet=vhost:%no,%priv
    # Load the conn and wait for the client to initiate.
    auto=add
    # Require perfect forward secrecy for the IPsec SA rekeying.
    pfs=yes

# Same as "roadwarrior" but listening on the server's LAN-side address
# (10.10.10.1), for clients arriving from the 10.10.10.0/24 side.
conn roadwarrior2
    left=10.10.10.1
    leftcert=kaktus.crt
    # Any source address is accepted; the certificate is the only gate.
    right=%any
    # NOTE(review): this reads "vhost::no,%priv" whereas conn roadwarrior uses
    # "vhost:%no,%priv". The doubled colon looks like a typo for "%no" and may
    # keep this conn from loading or matching - confirm in the pluto log.
    rightsubnet=vhost::no,%priv
    # Load only; the client initiates.
    auto=add
    pfs=yes

# Transport-mode conn that protects L2TP (UDP port 1701) between the client
# and the server's public address. The PPP session in l2tpd runs inside it.
conn roadwarrior-l2tp
    # Transport mode: only traffic between the two hosts themselves is
    # protected, not a subnet behind them.
    type=transport
    left=193.2.76.229
    leftcert=kaktus.crt
    # protoport 17/1701 restricts the SA to UDP (protocol 17) port 1701 on both
    # ends, so nothing other than L2TP is carried by this conn.
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/1701
    # PFS is off here while the tunnel conns above use pfs=yes.
    # NOTE(review): presumably for compatibility with the Windows XP L2TP
    # client - confirm.
    pfs=no
    auto=add
    # NOTE(review): L2TP itself is not encrypted. UDP 1701 should be reachable
    # only through this IPsec SA, so verify the firewall drops cleartext
    # packets to port 1701 arriving on eth0.

__________________________________________

l2tpd.conf

; l2tpd listener settings: the daemon accepts L2TP on UDP 1701.
[global]
port = 1701

; Default LNS (server-side) profile applied to incoming L2TP sessions.
[lns default]
; Pool of addresses handed to connecting clients.
; NOTE(review): the pool covers 10.10.10.3, which the post gives as the static
; LAN address of Windows XP client 2. Handing that address to a VPN client
; would conflict with the LAN host, so consider a pool that does not overlap
; static hosts.
ip range = 10.10.10.2-10.10.10.254
; Server end of each PPP link; same address as the server's eth1 in the post.
local ip = 10.10.10.1
; Accept CHAP only and refuse PAP, which sends the password in cleartext.
require chap = yes
refuse pap = yes
require authentication = yes
name = LinuxVPN
; Verbose PPP logging; useful while troubleshooting.
; NOTE(review): turn this off afterwards, as negotiation detail ends up in the
; system log.
ppp debug = yes
; pppd options for these sessions are read from this file.
pppoptfile = /etc/ppp/options.l2tpd
length bit = yes


___________________________________________

chap-secrets file:

# pppd CHAP secrets. Columns: client name, server name, secret, and the IP
# address(es) the peer is allowed to use. Each user appears twice so the
# secret matches in both directions (client->server and server->client).
#
# NOTE(review): every secret is identical to its user name and has been posted
# to a public list. Treat these as compromised, replace them with long random
# values, and keep the file readable by root only.
#
# NOTE(review): the address column pins xpclient1 to 193.2.76.224 (its public
# address), while l2tpd.conf hands out inner addresses from
# 10.10.10.2-10.10.10.254. pppd presumably rejects a peer whose negotiated
# address is not listed here - check the pppd log for an "not authorized to
# use remote address" message and confirm which address belongs here.
xpclient1     *         "xpclient1"     193.2.76.224
*         xpclient1     "xpclient1"     193.2.76.224
xpclient2       *               "xpclient2"     10.10.10.3
*               xpclient2       "xpclient2"     10.10.10.3

___________________________________________

options.l2tpd file:

# pppd options applied to every L2TP session (referenced by pppoptfile in
# l2tpd.conf).
# Accept the peer's idea of the local and remote IP addresses during IPCP.
ipcp-accept-local
ipcp-accept-remote
# DNS server advertised to Windows clients.
ms-dns 193.2.72.1
# Do not negotiate PPP compression (CCP).
noccp
# Require the peer to authenticate before network traffic is allowed.
auth
# Hardware flow control and device locking are serial-line options.
# NOTE(review): presumably these have no effect on an L2TP pseudo-terminal -
# confirm.
crtscts
# Drop the link after 1800 seconds without traffic.
idle 1800
# Reduced MTU/MRU leaves room for the L2TP and IPsec encapsulation overhead.
mtu 1400
mru 1400
# Do not replace the server's default route with the PPP link.
nodefaultroute
# Verbose pppd logging; disable once the setup works.
debug
lock
# Answer ARP on the LAN on behalf of the client's inner address, so LAN hosts
# can reach the VPN client without extra routes.
# NOTE(review): this only helps if the client's inner address lies in the LAN
# subnet and does not collide with an existing host; IP forwarding must also
# be enabled on the server - confirm both.
proxyarp
connect-delay 5000
# Wait for the peer to start LCP negotiation instead of initiating it.
silent