[Openswan Users] Multiple users behind Same IP

Paul Young paul at arkig.com
Thu Sep 4 21:14:56 EDT 2014


I think (I have not done it myself - just read about it) you need to change
the protostack to use KLIPS.

Cheers


On 24 August 2014 05:10, Dominic Wiersma <d.wiersma at dwits.nl> wrote:

>  Hello all,
>
>
>
> I have set-up an IPsec with xl2tpd and all is running fine.
>
> The only problem is when multiple users want to connect from the same
> public IP address to the IPsec server they cannot connect to it, and if
> they can, another user is disconnected instead.
>
> Which parameters control whether users can or cannot connect to an IPSec
> VPN server from the same public IP?
>
> I have searched hours but I cannot seem to find the right buttons to turn.
>
>
>
> I am running Ubuntu 14.04 LTS with kernel 3.13.0-34-generic
>
> Linux Openswan U2.6.38/K3.13.0-34-generic (netkey)
>
> Version xl2tpd: xl2tpd-1.3.6
>
>
>
> Now this is my ipsec.conf
>
> dumpdir=/var/run/pluto/
>
> nat_traversal=yes
>
> virtual_private=%v4:10.0.0.0/8
>
> protostack=netkey
>
> force_keepalive=yes
>
> keep_alive=60
>
> conn L2TP-PSK-noNAT
>
> authby=secret
>
> pfs=no
>
> auto=add
>
> keyingtries=3
>
> ikelifetime=8h
>
> keylife=1h
>
> ike=aes256-sha1,aes128-sha1,3des-sha1
>
> phase2alg=aes256-sha1,aes128-sha1,3des-sha1
>
> type=transport
>
> left=x.x.x.x
>
> leftprotoport=17/1701
>
> right=%any
>
> rightprotoport=17/%any
>
> dpddelay=10
>
> dpdtimeout=20
>
> dpdaction=clear
>
> compress=yes
>
>
>
> My xl2tpd.conf
>
>  [global]
>
> ipsec saref = yes
>
> saref refinfo = 30
>
> ;debug avp = yes
>
> ;debug network = yes
>
> ;debug state = yes
>
> ;debug tunnel = yes
>
> [lns default]
>
> exclusive = no
>
> ip range = 10.10.10.2-10.10.10.100
>
> local ip = 10.10.10.1
>
> refuse pap = yes
>
> require authentication = yes
>
> ppp debug = yes
>
> pppoptfile = /etc/ppp/options.xl2tpd
>
> length bit = yes
>
>
> Best regards,
>
> Dominic
>
> E: d.wiersma at dwits.nl
>
>
>
>
>
>
> _______________________________________________
> Users at lists.openswan.org
> https://lists.openswan.org/mailman/listinfo/users
> Micropayments: https://flattr.com/thing/38387/IPsec-for-Linux-made-easy
> Building and Integrating Virtual Private Networks with Openswan:
> http://www.amazon.com/gp/product/1904811256/104-3099591-2946327?n=283155
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openswan.org/pipermail/users/attachments/20140905/0fd04751/attachment.html>


More information about the Users mailing list