[Openswan Users] Trying to use linux as VPN client
Paul Wouters
paul at xelerance.com
Thu Nov 20 16:51:31 EST 2008
On Thu, 20 Nov 2008, Sebastiaan van Erk wrote:
> I configured GTA mobile client to have NAT-T disabled; tunnel setup works
> fine, but connections don't work afterwards. With NAT-T on "force" it does
> work, so NAT-T seems to be required. This leads me to guess that it's not
> causing problems right now (since tunnel setup worked without NAT-T), but it
> will be a problem once I get a step futher....
Can you explain "NAT-T on force"? Did you mean forceencaps= ? Or something
on the client?
> > phase2alg=aes192-sha1-modp1024
> >
> > [The format for ESP is ENC-AUTH followed by an optional PFSgroup. For
> > instance, "3des-md5" or "aes256-sha1-modp2048". --- the man page]
You can try es256-sha1;modp2048
It depends on on the version of openswan (and I think with some versions,
the man page didn't get re-generated)
Paul
More information about the Users
mailing list