[Openswan Users] Is this true?
Paul Wouters
paul at xelerance.com
Thu Mar 31 16:26:45 EDT 2011
On Thu, 31 Mar 2011, scartomail wrote:
> http://rootmanager.com/ubuntu-ipsec-l2tp-windows-domain-auth/setting-up-openswan-xl2tpd-with-native-windows-clients.html
>
> Looks straight forward I was planning on setting up such a system.
>
> Until I read these lines at the bottom of the howto:
> 1. One caveat I've noticed however is that the client cannot be initially on the same subnet as your organization's internal IP range.
Yes, this is true. Pick your l2tp server range carefully.
> 2. Another caveat that I've noticed is that I don't think two computers can connect to the server from behind the same NAT.
That depends. With KLIPS and SAref tracking (kernel patch in openswan source)
this is no longer an issue.
Paul
More information about the Users
mailing list