[Openswan Users] Is this true?

Paul Wouters paul at xelerance.com
Thu Mar 31 16:26:45 EDT 2011

On Thu, 31 Mar 2011, scartomail wrote:

> http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html
> Looks straight forward I was planning on setting up such a system.
> Until I read these lines at the bottom of the howto:
> 1. One caveat I've noticed however is that the client cannot be initially on the same subnet as your organization's internal IP range.

Yes, this is true. Pick your l2tp server range carefully.

> 2. Another caveat that I've noticed is that I don't think two computers can connect to the server from behind the same NAT.

That depends. With KLIPS and SAref tracking (kernel patch in openswan source)
this is no longer an issue.


More information about the Users mailing list