[Openswan Users] Openswan 2.6.38 and Windows XP breaking everything!
Willie Gillespie
wgillespie+openswan at es2eng.com
Mon Apr 16 22:53:37 EDT 2012
On 04/16/2012 04:46 PM, Bart Swedrowski wrote:
> My /etc/ipsec.conf file goes as follows:
>
> left=5.6.7.8
> leftprotoport=17/1701
> right=%any
> rightprotoport=17/%any
My configs have rightprotoport=17/0 instead of 17/%any with the
following note (which I'm not sure if it's an old note, or current)
# Using the magic port of "0" means "any one single port". This is
# a work around required for Apple OSX clients that use a randomly
# high port, but propose "0" instead of their port.
That should fix the one warning you got.
I also have a note with the following settings:
# Apple iOS doesn't send delete notify so we need dead peer detection
# to detect vanishing clients
dpddelay=10
dpdtimeout=90
dpdaction=clear
More information about the Users
mailing list