[Openswan Users] Openswan & ipsec-tools incompatible?
Paul Wouters
pwouters at redhat.com
Sun Feb 12 13:57:28 EST 2012
On Sun, 12 Feb 2012, Patrick Lists wrote:
> I have been trying to figure out why Android 4.0.x (ICS) can not connect to
> openswan-2.6.32-9.el6 on a CentOS 6.2 x86_64 box. Android ICS uses
> ipsec-tools 0.8.0 (current git). So I installed ipsec-tools 0.8.0 on the
> CentOS 6.2 box, configured it, on the phone started the IPsec/L2TPD profile
> and the IPsec part works fine. Part of log:
It might all be a configuration issue. I was hunting down the iphone
public ip bug, when i wrote a patch but not sure if it is needed. Try
using:
virtual_private=%v4:0.0.0.0/0,%v4:!1.2.3.0/24,%v4:!192.168.0.0/24
where 1.2.3.0/24 is your l2tp servers public ip, and 192.168.0.0/24 is
what you hand out over l2tp. Of course along with:
rightsubnet=vhost:%priv,%no
I still needed to test if just that would be enough, or if the patch I
lost actually fixed something more.
You might see a difference in testing due to NAT being present or not.
Paul
More information about the Users
mailing list