[Openswan Users] Problem with multiple connection in l2tp/ipsec
D h @ v @ l
dhaval4linux at yahoo.com
Tue Sep 25 09:37:40 EDT 2007
I want to connect multiple clients at the same time. the ip address is different.
I have removed leftid and rightid from my connection but still it cant make connection to any one. To use different PSK for different client I have used that leftis and rightid, because ipsec - ipsec works fine with that. For creating multiple connection I have added two connection in my ipsec.conf. here it is
version 2.0 # conforms to second version of ipsec.conf specification
# basic configuration
# NAT-TRAVERSAL support, see README.NAT-Traversal
# Add connections here
#Disable Opportunistic Encryption
Then I have ipsec.secrets file look like
@10.10.136.94 @10.10.136.45 : PSK "helloworld"
@10.10.136.94 @10.10.136.46 : PSK "hello"
Still it cant making connection. after starting ipsec I have added that two connection. Here I want to use different PSK for different clients. Is it possible? How to make multiple connection with Certs. To make multiple connection I have also used leftid and rightid.
Can you tell how to do that with PSK and Certs.
Jacco de Leeuw <jacco2 at dds.nl> wrote:
> I want to make multiple connection.
What do you mean? You want to support multiple L2TP/IPsec clients
connecting at the same time? From different IP addresses or from
behind the same NAT device?
> But when I add leftid and rightid in connection to ipsec.conf
Why? Leftid/rightid already default to left/right.
Use auto=add if the client is a road warrior.
> Without leftid and rightid can I make multiple connection?
If clients are connecting from multiple fixed IP addresses
then create multiple connection sections in ipsec.conf.
If clients have dynamic IP addresses, use right=%any instead.
But then every client will have to use the same PSK. You may
want to switch to certificates instead.
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
Need a vacation? Get great deals to amazing places on Yahoo! Travel.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Users