[Openswan Users] Mac OS X can't connect to Openswan server (Linux Kernel 2.6)
Arnel B. Espanola
aespanola at arts.ucla.edu
Tue Apr 29 15:43:18 EDT 2008
If I use this config, MAC OSX works but not Windows:
conn roadwarrior-l2tp
leftprotoport=17/1701
rightprotoport=17/%any
also=roadwarrior
If I used this config, Windows works but not MAC OSX:
conn roadwarrior-l2tp
leftprotoport=17/0
rightprotoport=17/1701
also=roadwarrior
or
conn roadwarrior-l2tp
leftprotoport=17/1701
rightprotoport=17/0
also=roadwarrior
Below is my complete ipsec config:
version 2.0 # conforms to second version of ipsec.conf specification
config setup
interfaces=%defaultroute
klipsdebug=none
plutodebug=none
overridemtu=1410
nat_traversal=yes
virtual_private=%v4:10.0.0.0/8,%v4:172.16.0.0/12,%v4:192.168.0.0/16
conn %default
keyingtries=3
compress=yes
disablearrivalcheck=no
authby=secret
type=tunnel
keyexchange=ike
ikelifetime=240m
keylife=60m
conn roadwarrior-net
leftsubnet=192.168.0.0/16
also=roadwarrior
conn roadwarrior-all
leftsubnet=0.0.0.0/0
also=roadwarrior
#conn roadwarrior-l2tp
# leftprotoport=17/0
# rightprotoport=17/1701
# also=roadwarrior
conn roadwarrior-l2tp
leftprotoport=17/1701
rightprotoport=17/0
also=roadwarrior
conn roadwarrior-l2tp-updatedwin
leftprotoport=17/1701
rightprotoport=17/1701
also=roadwarrior
conn roadwarrior
pfs=no
left=x.x.x.2
leftnexthop=x.x.x.1
right=%any
rightsubnet=vhost:%no,%priv
auto=add
#Disable Opportunistic Encryption
include /etc/ipsec.d/examples/no_oe.conf
where x.x.x is a public subnet
Thanks,
Arnel
Paul Wouters wrote:
> On Tue, 29 Apr 2008, Arnel B. Espanola wrote:
>
>> leftprotoport=17/1701
>> rightprotoport=17/%any
>>
>> This setting makes my MAC works but it causes my windows to stop
>> working. Is there anything I need to modify in the configuration to make
>> the MAC and Windows work?
>
> Use rightprotoport=17/0 on openswan 2.4.12+
>
> Paul
More information about the Users
mailing list