Hi Adrian, You're right that xl2tpd fixed both issues. However, the email you mentioned said the fixes were for "openswan's new KLIPS code". The manpage for "xl2tpd.conf" says essentially the same thing:
...allows tracking of multiple clients using the same internal NATed IP address, and allows tracking of multiple clients behind the same NAT router.... Currently, this only works with Openswan KLIPS in "mast" mode. Since we are using Openswan with NETKEY, it probably still won't work in the current setup. An-Cheng Adrian F. Dimcev wrote: > Hi An-Cheng, > Yesterday I was reading the xelerance xl2tpd change log: > http://www.xelerance.com/software/xl2tpd/CHANGES > And I was under the impression that both issues you've mentioned are fixed. > v1.1.05 references these changes. > In this mail, Paul Wouters, also mentions the same things: > http://lists.virus.org/users-openswan-0611/msg00054.html > Best, > Adrian > > An-Cheng wrote: > > Yes, according to the following Web page, Openswan only supports > >1 client behind the same NAT device. > > http://www.jacco2.dds.nl/networking/freeswan-l2tp.html > >In fact, another Openswan limitation (also according to the page) > >is that no two NATed clients can use the same "private IP", i.e., > >one of them won't be able to connect if both happen to use the same > >private IP (even though they are behind different NAT devices). > _______________________________________________ > Vyatta-users mailing list > Vyatta-users@mailman.vyatta.com > http://mailman.vyatta.com/mailman/listinfo/vyatta-users _______________________________________________ Vyatta-users mailing list Vyatta-users@mailman.vyatta.com http://mailman.vyatta.com/mailman/listinfo/vyatta-users