[Openswan Users] Openswan 2.4.13 kills all non-IPSEC connections
Andy Theuninck
gohanman at gmail.com
Wed Jan 28 12:29:31 EST 2009
I was trying to set up a nat-t on both ends connection w/ window
compatibility and ran into the bug described here:
http://bugs.xelerance.com/view.php?id=1004
The bug report suggests that using 2.4.13 will solve my problem (I'm
even using the same distro & kernel). So I compiled & installed
2.4.13. Now when I start up pluto, every single connection to the
server dies. I can't get SSH, HTTP, etc. I'm sure there's a simple
answer for this, but I can't come up with the right search terms to
get an answer out of Google.

ipsec.conf:

version 2.0 # conforms to second version of ipsec.conf specification

config setup
    protostack=netkey
    nat_traversal=yes
    virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24

conn passthrough-for-non-l2tp
    type=passthrough
    left=%defaultroute
    right=0.0.0.0
    rightsubnet=0.0.0.0/0
    auto=route

conn road
    authby=secret
    pfs=no
    rekey=no
    keyingtries=3
    type=transport
    forceencaps=yes
    left=%defaultroute
    leftprotoport=17/1701
    right=%any
    rightsubnet=vhost:%no,%priv
    rightprotoport=17/%any
    auto=add

I have a passthrough; I'm excluding my local subnet from
virtual_private. What am I missing?