Also, added rightsubnet=vhost:%no,%priv (because there is always the possibility of some of the clients being NATed)
Slackware is basically just plain vanilla linux with packages. The base linux kernel works fine with a slackware distribution. Arya On Thursday 01 July 2004 20:02, Jacco de Leeuw wrote: > Arya wrote: > > There is no NAT between the VPN server and the VPN client. > > Then you need to remove the rightsubnetwithin line. (Perhaps this is > ruining your routing?). > > > With regard to 'rightsubnetwithin=0.0.0.0/0' being insecure, we want the > > entire world to be able to access the VPN server. > > You misunderstand this parameter. right=%any already does this for you. > > > password to a radius. If we use rightsubnet=vhost:%no,%priv instead, > > would the box be open to the world? > > rightsubnet=vhost:%no,%priv is only needed when (some of the) clients > are NATed. > > > Current kernel 2.4.22 (distro is slackware 9.1) > > Never tested with Slackware myself, so YMMV. > > > Thanks a lot for your help (and well done on the freeswan/l2tpd > > documentation. I wouldn't be this far without it :)) > > No problem! > > Jacco