[Openswan Users] L2TP-PSK to iPhone/OSX/Win7
Pete Ashdown
pashdown at xmission.com
Tue Sep 27 13:32:57 EDT 2011
Your configuration would work if you're connecting from a NAT network.
OSX/iPhone doesn't have any problems with that. It is when you connect
from a public address that you have problems. You either need to have
forceencaps=yes or nat_traversal off for public to work. I'm trying to get
both working at the same time.
Paul this issue is unrelated to this bug right? It seems similar:
https://gsoc.xelerance.com/view.php?id=773
On 09/26/2011 05:47 PM, Willie Gillespie wrote:
> On Mon, 26 Sep 2011, Pete Ashdown wrote:
>> With some help from Paul, I was able to get OSX Lion to connect the following configuration. iPhone also works:
>>
>> Any thoughts are appreciated.
> The only differences between my config and yours are the following
> (snipped to just the differences):
>
> rightsubnet=vhost:%priv
> # Apple iOS doesn't send delete notify so we need dead peer
> detection
> # to detect vanishing clients
> dpddelay=10
> dpdtimeout=90
> dpdaction=clear
> # Set ikelifetime and keylife to same defaults Windows has
> ikelifetime=8h
> keylife=1h
> # l2tp-over-ipsec is transport mode
> type=transport
>
> You have rightsubnet=vhost:%no,%priv where mine doesn't have the %no. I
> can't recall right now what that does.
>
%no = public addresses, %priv = private addresses
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20110927/4aeebcfa/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 254 bytes
Desc: OpenPGP digital signature
Url : http://lists.openswan.org/pipermail/users/attachments/20110927/4aeebcfa/attachment.bin
More information about the Users
mailing list