[Openswan Users] Openswan Xl2tpd error when connecting VPN on

Mateen Fugawala mateen.fugawala at hotmail.com
Sat Jan 22 08:54:30 EST 2011


I did the same config for ipsec.conf but still failing to connect. Here is my /var/logs/secure attached after making the changes. Still failing to connect from my host...

version 2.0

config setup
        nat_traversal=yes
        nhelpers=0
        protostack=netkey
        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:!192.168.1.0/24
        oe=off

conn L2TP-PSK
        authby=secret
        pfs=no
        auto=add
        keyingtries=3
        rekey=no
        ikelifetime=8h
        keylife=1h
        type=transport
        left=192.168.1.11
        leftprotoport=17/1701
        leftnexthop=192.168.1.1
        right=%any
        rightprotoport=17/0
        rightsubnet=vhost:%no,%priv



-----Original Message-----
From: Willie Gillespie [mailto:wgillespie+openswan at es2eng.com] 
Sent: Saturday, January 22, 2011 2:17 PM
To: Mateen Fugawala
Cc: users at openswan.org
Subject: Re: [Openswan Users] Openswan Xl2tpd error when connecting VPN on

Mateen Fugawala wrote:
> Also, here is my updated ipsec.conf config. I thought this might be more simple than my earlier config.
>         
> virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:192.168.1.0/24

You may have to say
virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24

Basically saying that 192.168.1.0/24 is NOT allowed... since that would cause routing confusion.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: secure.log.log
Type: application/octet-stream
Size: 178749 bytes
Desc: not available
Url : http://lists.openswan.org/pipermail/users/attachments/20110122/de2c7585/attachment-0001.obj 
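
Added example, not part of the original thread: a small Python check of a virtual_private= value against the gateway's own LAN, showing why the "!" exclusion suggested above matters. It assumes an address is accepted as a client subnet when it falls in a listed network and in no "!" network; the function names are hypothetical.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_virtual_private(value):
    """Split a virtual_private= value into (allowed, excluded) network lists."""
    allowed, excluded = [], []
    for item in filter(None, (p.strip() for p in value.split(","))):
        family, _, net = item.partition(":")
        if family not in ("%v4", "%v6") or not net:
            raise ValueError(f"unrecognised entry: {item!r}")
        target = excluded if net.startswith("!") else allowed
        target.append(ipaddress.ip_network(net.lstrip("!")))
    return allowed, excluded

def is_virtual(addr, value):
    """True if addr would be accepted as a client-side (virtual) address."""
    allowed, excluded = parse_virtual_private(value)
    ip = ipaddress.ip_address(addr)
    return any(ip in n for n in allowed) and not any(ip in n for n in excluded)

def lint(value, server_lan):
    """Return warnings for a virtual_private value; server_lan is the gateway's own subnet."""
    allowed, excluded = parse_virtual_private(value)
    lan = ipaddress.ip_network(server_lan)
    same = lambda nets: [n for n in nets if n.version == lan.version]
    warnings = []
    accepted = any(lan.overlaps(n) for n in same(allowed))
    carved_out = any(lan.subnet_of(n) for n in same(excluded))
    if accepted and not carved_out:
        warnings.append(f"server LAN {lan} is accepted as a client subnet; "
                        f"add %v{lan.version}:!{lan}")
    v4_allowed = [n for n in allowed if n.version == 4]
    for r in RFC1918:
        if not any(r.subnet_of(n) for n in v4_allowed):
            warnings.append(f"private range {r} is not listed")
    return warnings

# Values taken from the thread; the /24 LAN follows from left=192.168.1.11.
EARLIER = "%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:192.168.1.0/24"
SUGGESTED = "%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:!192.168.1.0/24"

if __name__ == "__main__":
    for name, value in (("earlier", EARLIER), ("suggested", SUGGESTED)):
        print(name, lint(value, "192.168.1.0/24") or "ok")
        print("  192.168.1.50 virtual?", is_virtual("192.168.1.50", value))
```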

