Andrew,
Look at these 2 sites:
http://www.natecarlson.com/linux/ipsec-x509.php
http://www.jacco2.dds.nl/networking/freeswan-l2tp.html#L2TPoverview
You probably need something like this in your ipsec.conf.
In the basic config:
nat_traversal=yes
and in the connection configs:
rightprotoport=17/1701
leftprotoport=17/1701
This is where the Windows L2TP client connects to.
Good luck,
Koen
Andrew Miehs wrote:
I have now managed to get the whole thing working with x509 keys...
This all works if I use two public IP addresses.
If my client however, is behind a NATing gateway, the whole thing falls over.
I am running XP sp 2 and have enabled AssumeUDPEncapsulationContextOnSendRule.
I have also added the following lines to my racoon.conf...
isakmp_natt a.b.c.d [4500];
and
nat_traversal force;
but this still doesn't seem to want to force natt - doing tcpdumps, I do not see Windows try and connect to port 4500 udp - what am I doing wrong?
Thanks
Andrew
Have you taken a look at http://www.ipsec-howto.org/ ? It's a pretty good (IMHO) and hands-on HOWTO that contains example configuration files for isakmpd and racoon.