[Openswan Users] Roadwarriors allow only one user a time

Renzo reda at logobject.ch
Fri Sep 20 13:27:25 UTC 2013


Hi,
No, there is no overlapping, and it is a pure IPsec connection.
I've tested with 3 different computers; all of them are able to connect 
correctly, but not in parallel: as soon as the new one is connected, the 
old one is

Thanks
Renzo


On 20.09.2013 00:20, Paul Young wrote:
> Hi,
>
> Are there overlapping IP assignments from behind different and the 
> same NAT routers?
>
> As Netkey does not support that in the same way that KLIPS does.
>
> Also is this pure ipsec connection or is l2tp\ppp involved at all?
>
> Sorry that does not directly answer your question.
>
> I am pretty new to all of this myself
>
>
> On 19 September 2013 22:24, Renzo <reda at logobject.ch> wrote:
>
>     Hi,
>     We are trying to configure a roadwarrior VPN; here is the
>     configuration we have:
>
>     version 2.0     # conforms to second version of ipsec.conf specification
>     config setup
>             nat_traversal=yes
>             virtual_private=%v4:10.0.0.0/8,%v4:!10.11.0.0/16,%v4:192.168.0.0/16,%v4:172.16.0.0/12,%v4:25.0.0.0/8,%v6:fd00::/8,%v6:fe80::/10
>             oe=off
>             protostack=netkey
>             uniqueids=no
>     # roadwarrior
>     conn roadwarriors
>          authby=secret
>          left=%defaultroute
>          leftid=ourExternaIp
>          leftsubnet=0.0.0.0/0
>          leftxauthserver=yes
>          right=%any
>          rightid=%any
>          rightsubnet=10.11.4.0/24
>          rightxauthclient=yes
>          dpddelay=30
>          dpdtimeout=120
>          dpdaction=clear
>          rekey=no
>          ikelifetime=3h
>          salifetime=3h
>          aggrmode=no
>          ike=3des-sha1;modp1024
>          type=tunnel
>          phase2=esp
>          phase2alg=3des-sha1;modp1024
>          modecfgdns1=10.11.1.1
>          auto=add
>
>     It works really fine as long as only one remote PC is connected.
>     As soon as another user tries to connect, the server closes the old
>     tunnel and creates the new one.
>     I.e. only one user at a time can connect through the VPN.
>     Any suggestions?
>
>
>     # uname -a
>     Linux alixg 3.8.2 #3 Mon Mar 4 09:32:22 CET 2013 i586 Geode(TM) Integrated Processor by AMD PCS AuthenticAMD GNU/Linux
>
>     # ipsec --version
>     Linux Openswan U2.6.38/K3.8.2 (netkey)
>
>
>     Thanks for your time
>     Renzo
