[Openswan Users] Multiple Connections

Nick Howitt n1ck.h0w1tt at gmail.com
Wed May 15 13:54:49 UTC 2013


 

Try setting "uniqueids=no", or consider giving each Netgear router a
different Local ID then have multiple conns specifing different
rightid's. Use the "also" key word so you don't have to duplicate common
conn data. 

On 2013-05-15 14:19, Jeremy Schaeffer wrote: 

> I cannot
get multiple connections to work at the same time. If I connect 
> them
one at a time they work, but if one is connected, the second one 
>
kicks that one off and then they fight back and forth logging in and 
>
out. What am I missing? This worked a year ago but I stopped using it 
>
and I am now back to using it and something changed. I am using a newer

> version so maybe is a version thing. All the clients are dynamic 
>
addresses, using Netgear FVS318G units, server is static. Here is the 
>
config -
> 
> config setup
> interfaces=%defaultroute
>
myid=@vpn.****.biz
> nat_traversal=yes
> oe=off
> protostack=netkey
>
syslog=syslog.info
> virtual_private=%v4:172.29.0.0/16
> # Enable this
if you see "failed to find any available worker"
> # nhelpers=0
> 
>
#You may put your configuration (.conf) file in the "/etc/ipsec.d/" and

> uncomment this.
> #include /etc/ipsec.d/*.conf
> 
> conn VOIP-VPN
>
auth=esp
> authby=secret
> auto=add
> dpdtimeout=30
> dpddelay=60
>
dpdaction=clear
> ike=3des-md5;modp1024
> ikelifetime=8h
>
salifetime=8h
> left=69.12.16.29
> leftid=@vpn.****.biz
>
leftnexthop=69.12.16.29
> leftsourceip=172.28.130.9
>
leftsubnet=172.28.130.1/24
> pfs=yes
> phase2alg=3des-md5;modp1024
>
right=%any
> rightnexthop=%defaultroute
> rightsubnet=vhost:%priv,%no
>

> conn Local-VPN
> auth=esp
> authby=secret
> auto=add
>
dpdtimeout=30
> dpddelay=60
> dpdaction=clear
> ike=3des-md5;modp1024
>
ikelifetime=8h
> salifetime=8h
> left=69.12.16.29
>
leftid=@vpn.****.biz
> leftnexthop=69.12.16.29
>
leftsourceip=172.28.101.9
> leftsubnet=172.28.101.1/24
> pfs=yes
>
phase2alg=3des-md5;modp1024
> right=%any
> rightnexthop=%defaultroute
>
rightsubnet=vhost:%priv,%no
> 
> -- Jeremy
> 
>
_______________________________________________
>
Users at lists.openswan.org
>
https://lists.openswan.org/mailman/listinfo/users [1]
> Micropayments:
https://flattr.com/thing/38387/IPsec-for-Linux-made-easy [2]
> Building
and Integrating Virtual Private Networks with Openswan:
>
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
[3]
 

Links:
------
[1]
https://lists.openswan.org/mailman/listinfo/users
[2]
https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
[3]
http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20130515/a2a436e2/attachment.html>


More information about the Users mailing list