[Openswan Users] L2TP OS X/Windows problem
Lawrence Manning
lawrence.manning at smoothwall.net
Fri Jan 15 09:53:45 EST 2010
Hey list,
We are trying to get our L2TP VPN setup to work with both Mac (and
iPhone) connections and Windows. Here's our setup that works fine for
Windows users:
conn rw
    left=192.168.72.167
    leftnexthop=192.168.72.1
    leftprotoport=17/1701
    rightprotoport=17/1701
    right=%any
    rightsubnet=vhost:%no,%priv
    pfs=no
    rekey=no
    compress=no
    auto=add
    leftcert=hostcert.pem
    leftrsasigkey=%cert
    rightrsasigkey=%cert
    authby=rsasig
    auth=esp
    keyingtries=3
(we are testing on internal IPs).
We've come into the old rightprotoport problem documented in a few
places. Basically if we change it to:
    rightprotoport=1701/0
The OS X client can connect, but the Windows user can't. Apparently
this is fixed in Openswan 2.4.10 but even with 2.4.15 we still get errors
connecting with the Windows client:
Jan 15 12:46:34 s_sys at smoothwall pluto[6012]: "conn20"[2] 192.168.72.203 #1: cannot respond to IPsec SA request because no connection is known for 192.168.72.167[C=UK, ST=xxx, L=xxx, O=xxx, CN=xxx, E=xxx]:17/1701...192.168.72.203[C=xxx, ST=xxx, L=xxx, O=xxx, CN=xxx1, E=xxx]:17/1701
Does anyone know how, in 2.4.15, you can define a single conn that will
connect both Windows XP and OS X clients?
--
Lawrence Manning
Lead Developer
SmoothWall Ltd
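A diagnostic sketch for the pluto error quoted in the post, added here as an example and not part of the original message or of Openswan: it pulls the proposed protocol/port pair for each end out of the "no connection is known for" line and compares it with a conn's leftprotoport/rightprotoport. The function names, the `rw-changed` conn name and the plain string comparison are assumptions; pluto's own matching also handles wildcards.

```python
import re

# Constructed input: the pluto line from the post, re-joined onto one line.
LOG = ('Jan 15 12:46:34 s_sys at smoothwall pluto[6012]: "conn20"[2] 192.168.72.203 #1: '
       'cannot respond to IPsec SA request because no connection is known for '
       '192.168.72.167[C=UK, ST=xxx, L=xxx, O=xxx, CN=xxx, E=xxx]:17/1701...'
       '192.168.72.203[C=xxx, ST=xxx, L=xxx, O=xxx, CN=xxx1, E=xxx]:17/1701')

# Constructed input: protoport lines of the posted conn, plus the changed variant.
CONF = """\
conn rw
    leftprotoport=17/1701
    rightprotoport=17/1701

conn rw-changed
    leftprotoport=17/1701
    rightprotoport=1701/0   # value as written in the post
"""

# One end of the proposal: address, optional [ID], then :protocol/port.
END = r'(?P<{0}addr>[\d.]+)(?:\[(?P<{0}id>[^\]]*)\])?:(?P<{0}pp>\d+/\d+)'
PROPOSAL = re.compile(r'no connection is known for '
                      + END.format('l') + r'\.\.\.' + END.format('r'))

def parse_conn(conf, name):
    """Return the key=value settings of one 'conn <name>' section."""
    settings, inside = {}, False
    for raw in conf.splitlines():
        line = raw.split('#', 1)[0].rstrip()      # drop trailing comments
        if not line.strip():
            continue
        if not raw[0].isspace():                  # section header, e.g. "conn rw"
            inside = line.split() == ['conn', name]
        elif inside and '=' in line:
            key, value = line.strip().split('=', 1)
            settings[key.strip()] = value.strip()
    return settings

def protoport_mismatches(line, conf, name):
    """List (key, configured, proposed) where the peer's proposal differs.
    Assumption: exact string equality, no wildcard handling."""
    m = PROPOSAL.search(line)
    if m is None:
        return None                               # not a "no connection is known" line
    conn = parse_conn(conf, name)
    pairs = (('l', 'leftprotoport'), ('r', 'rightprotoport'))
    return [(key, conn.get(key), m.group(side + 'pp'))
            for side, key in pairs if m.group(side + 'pp') != conn.get(key)]
```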