[Openswan Users] pluto: deleting connection instance with peer -- why?

JOR HAY flexbumpchest at gmail.com
Tue May 15 14:19:17 EDT 2007


On 5/14/07, Jacco de Leeuw <jacco2 at dds.nl> wrote:
>
> JOR HAY wrote:
>
> > virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:172.23.23.0/24
>
> You probably meant to _exclude_ your internal subnet:
>
> ... =%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16,%v4:!172.23.23.0/24
>
> > conn L2TP-WINXP
> >         authby=secret
> >         right=%any
> >         rightprotoport=17/%any
>
> There is currently a known problem with this combination, if NAT is
> involved. Probably the easiest solution would be to switch to
> certificates or to use rightprotoport=17/1701 (which unfortunately
> drops support for Mac clients).
>
That's ok with me, no Mac's here.  Thanks for the pointers.


More information about the Users mailing list