[Openswan Users] IPsec.conf connection order
ttelford.groups at gmail.com
Tue Sep 21 12:37:11 EDT 2010
I'm having some trouble with my understanding of ipsec.conf;
specifically, I'm not understanding how Openswan determines which
connection is being made.
For instance, when I try to make a conn listing for a pure IPsec
connection, and list it before an L2TP connection, any time a client
attempts to connect with IPsec+L2TP, the log from pluto says the only
connection being attempted is the pure IPsec connection. There is no
attempt to use the L2TP conn - the only thing ever attempted is the
pure IPsec conn.
In fact, it doesn't seem to matter that there are two pure IPsec
connection types (one that is just the local subnet, the other is the
0.0.0.0/0). It seems that no matter what I try, the first connection
is the one that is used, regardless of anything that follows.
I'd appreciate it if anybody can tell me where my thinking is wrong,
and what I need to do differently.
My IPsec conf is below; the only IPsec connection that is ever
attempted is the 'roadwarrior-all' connection:
# I haven't had a chance to apply Paul's patch so I can use 17/%any
rightid="C=US, ST=State, O=My Org, OU=My Org Unit, CN=*, E=*"