[Openswan Users] Problem distinguishing roadwarrriors
paul at xelerance.com
Sat Jan 3 20:13:31 EST 2009
On Sat, 3 Jan 2009, Thomas Broda wrote:
> I have an annoying problem with my roadwarrior configuration. I've got
> several Linux and Windows roadwarriors.
> If ipsec.conf contains both kinds of configurations (several Linux
> roadwarriors AND the Windows L2TP config), then connection attempts from
> the Windows clients end up in the wrong configuration context. That is,
> Openswan will try to apply the configuration from "conn
> roadwarrior-linux1" (as an example) instead using "conn roadwarrior-l2tp".
> What do I need to change in order to make Openswan use the right
> configuration for the Windows clients?
Note that openswan can "correct" the connection if multiple configurations
overlap in phase1 (eg if phase1 is not distinctive enough). So it might
look like it picks the wrong connection while in fact it might not be.
But some logs would help to determine if this is the case.
Since l2tp is in transport mode, and the linux clients are not, try
adding an explicite type=transport to the roadwarriors-l2tp conn to
see if that makes any difference.
More information about the Users