[Openswan Users] L2TP/IPSec not working without NAT

Muenz, Michael m.muenz at spam-fetish.org
Fri Apr 27 01:54:45 EDT 2012

Am 26.04.2012 20:10, schrieb Tuomo Soini:
> This doesn't work as it should. If you do two conns to work around %no
> bug you must NOT have %no in vhost definition.

Yes, I had a huge trouble users hopping from one to other, in the end 
all other VPN stops working.

> conn l2tp-nat
> 	rightsubnet=vhost:%priv
> 	also=l2tp
> conn l2tp
> 	# all options go here...
> It is important not to have %no in vhost so that pluto can find out
> which conn to use...

My old working setup was a 2.4.15 machine, but with 2.6. you can't just 
copy ipsec.conf.
Will test the new setup next week.

Thanks everyone.


More information about the Users mailing list