Hello, One of my VPN setups found most of the remote users in a single room behind a single router today. Recently their system was upgraded from Openswan to Libreswan, and I though I had read that that multiple people could just connect from behind the same NAT device. But didn't work out when they tried it.
They are using various versions of windows, from XP to 8, with the built-in l2tp/ipsec client, and the first guy to connect works fine until he disconnects, then all things are buggered till I restart ipsec. I got to poking around, I found one article that said I needed to use the SAref patch and KLIPS to make that work (all my firewalls have been built with netkey), but I found a few other articles that make me think configuring XAUTH is another way. I read the man page for ipsec.conf and the README.XAUTH files, among a bunch of other things from google, but I haven't been able to get it working yet and I am a bit confused about how the roles shift around; it seems xauth fills a lot of the functions I currently use xl2tpd for... So question; will XAUTH solve the problem of getting them all connected from behind the same router? I can't find anything on the net about people using XAUTH in conjunction with windows road warriors, so I am starting to think this isn't the solution I am looking for... -- Computerisms Bob Miller 867-334-7117 / 867-633-3760 http://computerisms.ca _______________________________________________ Swan mailing list [email protected] https://lists.libreswan.org/mailman/listinfo/swan
