[Openswan Users] XL2TPD and OSX Client (natted behind Airport Extreme Station)

Alexander Damhuis alex at damhuis.de
Sat Nov 21 13:53:23 EST 2009


Dear all,

first of all thank you to the developers - OpenSWAN is really amazing!

I am currently trying to configure a "simple" setup of a PSK VPN with IPSec and L2TP, in order to connect my webserver (which is also used as a storage, incl. webdav), my home and my iPhone. After reading a looooong time and thousands of documents I am lost in space somewhere. The IPSec connection works now finally, at least from what I can say from the logs, and after playing around with a VM I think the "basics" work also. The fact my Desktop and Homeserver are natted behind an Airport Extreme Base Station causes my headaches I guess... Means - I could can to the config I am going to post to you - but only if I am not behind a nat LAN.

So, the scenario is:

<Hosted SERVER>---internet--<Airport Station>---<Desktop iMac, OSX 10.6.2>

My server runs Ubuntu LTS 8.04, incl. Plesk with its IPTables Firewall. I am not sure if the IPTables config is essential for the L2TP to receive packets coming from the IPSec tunnel, so I would be very happy for any hint/link to explanations, etc. in that direction. I compiled OpenSWAN manually, since the one in the deb-source of LTS 8.04 didn't want to connect on IPSec level at all to the natted Peer behind the router.

L2TP daemon is the xl2tp, binary from the debsource (I guess it comes from universe).

I attached ipsec barf output as well as syslog for XL2TPD and the configs I made.

Any help/hint how I could solve this situation is warmly welcome. Even if the answer is, that iPhone and OSX are not supported at all. I am not an expert in networking, but I want to learn more about VPN - that is why I am not going for PPTP (which works quite easily)... if activating debugging or compiling special versions to trace/track anything is required - no problemo. Even a screenx session with someone is fine to me.

With best regards,

Alexander

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: barf.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20091121/6e2e013d/attachment-0002.txt 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: xl2tpd.txt
Url: http://lists.openswan.org/pipermail/users/attachments/20091121/6e2e013d/attachment-0003.txt 

