[Openswan Users] Please help: strange behaviour with OpenSwan/xl2tpd & Android vpn client
Jacco de Leeuw
jacco2 at dds.nl
Thu Apr 15 03:42:43 EDT 2010
Quoting John Wells <jfw at jfwhome.com>:
> Trying to set up openSwan on Ubuntu 9.10 (Linode VPS) to talk to the
> android 2.1 IPSec/L2TP VPN client using PSK.
This should work, but my setup was slightly different from yours:
- I tested with Android 1.6
- My goal was to access a LAN behind the VPN server, whereas it seems
that you want secured access to the Internet.
> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12
You need to exclude the subnet on your 'internal' interface (whether
it's connected or not). Try this:
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!10.0.0.0/24
> conn PSK
> rightsubnet=vhost:%no,%priv
> conn L2TP-PSK-noNAT
Simply merge these two. The 'no NAT' case is covered by the '%no'.
> rightprotoport=17/1701
rightprotoport=17/%any
Do you plan to try certificates once you've got the PSK working?
Unfortunately I couldn't get the L2TP/IPsec connection to start
in the Android emulator (bug?) so at the moment I can't investigate this.
Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl
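
Added example, not part of the original message and not Openswan code: a small check that a virtual_private= value excludes the server's own internal subnet, as the reply advises. The function names are hypothetical, the check is IPv4 only, and the internal subnet 10.0.0.0/24 is assumed from the exclusion shown in the reply.

```python
import ipaddress

# The two values below are the ones quoted in the message above.
ORIGINAL = "%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12"
CORRECTED = ORIGINAL + ",%v4:!10.0.0.0/24"


def parse_virtual_private(value):
    """Split a virtual_private= value into (allowed, excluded) IPv4 networks."""
    allowed, excluded = [], []
    for item in value.split(","):
        item = item.strip()
        if not item.startswith("%v4:"):
            continue  # %v6: entries are outside the scope of this check
        spec = item[len("%v4:"):]
        target = excluded if spec.startswith("!") else allowed
        target.append(ipaddress.ip_network(spec.lstrip("!"), strict=False))
    return allowed, excluded


def unexcluded_local_subnets(value, local_subnets):
    """Return server-side subnets that fall inside an allowed range
    but are not covered by a '!' exclusion."""
    allowed, excluded = parse_virtual_private(value)
    problems = []
    for text in local_subnets:
        local = ipaddress.ip_network(text, strict=False)
        overlaps = any(local.overlaps(net) for net in allowed)
        covered = any(local.subnet_of(net) for net in excluded)
        if overlaps and not covered:
            problems.append(str(local))
    return problems


if __name__ == "__main__":
    internal = ["10.0.0.0/24"]  # assumption: subnet on the 'internal' interface
    for label, value in (("original", ORIGINAL), ("corrected", CORRECTED)):
        missing = unexcluded_local_subnets(value, internal)
        print(label, "->", "missing exclusion for " + ", ".join(missing)
              if missing else "ok")
```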