Arya wrote:
There is no NAT between the VPN server and the VPN client.
Then you need to remove the rightsubnetwithin line. (Perhaps this is ruining your routing?)
With regard to 'rightsubnetwithin=0.0.0.0/0' being insecure, we want the entire world to be able to access the VPN server.
You misunderstand this parameter. right=%any already does this for you.
password to a radius. If we use rightsubnet=vhost:%no,%priv instead, would the box be open to the world?
rightsubnet=vhost:%no,%priv is only needed when (some of the) clients are NATed.
Current kernel 2.4.22 (distro is slackware 9.1)
Never tested with Slackware myself, so YMMV.
Thanks a lot for your help (and well done on the freeswan/l2tpd documentation. I wouldn't be this far without it :))
No problem!
Jacco
--
Jacco de Leeuw                         mailto:[EMAIL PROTECTED]
Zaandam, The Netherlands               http://www.jacco2.dds.nl
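
An added example, not part of the original message or of the FreeS/WAN or l2tpd documentation: a small Python check that applies the three points made in this reply to an ipsec.conf-style file. The sample configuration, connection names, addresses and the `clients_behind_nat` parameter are constructed for illustration.

```python
import re

# Constructed sample ipsec.conf fragment (not from the thread); the address
# is a documentation-range placeholder.
SAMPLE = """\
conn l2tp-direct
    left=192.0.2.1
    leftprotoport=17/1701
    right=%any
    rightprotoport=17/1701
    rightsubnetwithin=0.0.0.0/0

conn l2tp-natted
    left=192.0.2.1
    right=%any
    rightsubnet=vhost:%no,%priv
"""

def parse_conns(text):
    """Return {conn_name: {key: value}} for every 'conn' section."""
    conns, current = {}, None
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].rstrip()      # drop comments
        if not line.strip():
            continue
        m = re.match(r"conn\s+(\S+)$", line)
        if m:
            current = conns.setdefault(m.group(1), {})
        elif current is not None and raw[0] in " \t" and "=" in line:
            key, value = line.strip().split("=", 1)
            current[key.strip()] = value.strip()
        else:
            current = None                        # 'config setup' etc.
    return conns

def audit(text, clients_behind_nat):
    """Flag settings the reply calls unnecessary for the given setup."""
    findings = []
    for name, o in parse_conns(text).items():
        if "rightsubnetwithin" in o and not clients_behind_nat:
            findings.append((name, "no NAT: remove the rightsubnetwithin line"))
        if o.get("rightsubnetwithin") == "0.0.0.0/0" and o.get("right") == "%any":
            findings.append((name, "right=%any already accepts any peer"))
        if o.get("rightsubnet", "").startswith("vhost:") and not clients_behind_nat:
            findings.append((name, "vhost: is only needed for NATed clients"))
    return findings
```
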