[Openswan Users] Leopard IPsec initial test - failed

Alan Whinery whinery at hawaii.edu
Wed Oct 31 18:47:54 EDT 2007


Another wrinkle -- Leopard doesn't seem to set routes the same way
Tiger(and Windows, etc) did.

Our roadwarriors have used the VPN to become part of the home network
remotely, and then any and all destinations (except the local
interface's network) are through the PPP/L2TP/IPSec.

Just FYI that we have observed it as different.

Alan

> Chris Zane wrote:
>> seems that Leopard's implementation of PPTP doesn't add a default
>> route over the ppp interface.
>>
>> doing a route add default -interface ppp# (depending on the ppp
>> interface number) will get you where it was with tiger.
>>
>> Windows adds a default route out to the ip that you get off the vpn
>> connection.

Jacco de Leeuw wrote:
> Pepijn Oomen wrote:
>
>   
>> Yes, this fixes DPD :) But that should of course not be necessary, the 
>> client should properly report its disconnection...
>>     
>
> I agree, if you don't see any Delete SAs then there is something wrong
> with the Mac client. It would be great if Apple could post their racoon
> source code but they are under no obligation to do that.
>
> Jacco
>   



More information about the Users mailing list