Howdy,
We're successfully using OpenSwan on Fedora Core 6
(openswan-2.4.5-2.1) with xl2tpd (xl2tpd-1.1.09-1.fc6) with
Windows
XP. Our successful configuration file includes the line:
rightprotoport=17/1701
However, documentation suggests that to also support Mac OS
X, we'll
need to use "%any" instead of "1701",
i.e.,
rightprotoport=17/%any
However, doing that prevents our XP clients from
successfully using
the VPN. Compiling, installing and restarting
openswan-2.4.7 from the
Fedora Core test directory (openswan-2.4.7-3.fc7.src.rpm)
does not
clear this problem up. I haven't yet tried to connect a Mac
OS X
client, because our existing XP users really don't want the
VPN to go
away.
I've scanned the Openswan Users archives and it appears that
this was
a known bug a year ago, but more recent posts suggest that
"rightprotoport=17/%any" works now. I didn't,
however, find a post
that explained what changed or what else must be done to
get
"rightprotoport=17/%any" to work.
I'm happy to post our configuration files or even the output
of ipsec
barf, but since there's a good chance this is a known issue,
I figured
I'd see if anyone has a pointer to info I should read,
first.
Thanks in advance,
Cliff Matthews <ctm stolenbases.com>
_______________________________________________
Usersopenswan.org
http
://lists.openswan.org/mailman/listinfo/users
Building and Integrating Virtual Private Networks with
Openswan:
http://www.amazon.com/gp/product/1904811
256/104-3099591-2946327?n=283155
|