Hello, I'm using a OpenBSD 3.9 Box as VPN server for roadwarriors.
Everithing works fine, everyone can connect from everiwhere to the VPN server and it's working very stable. The whole configuration is extract from Johan Allard's howto's, on the PC side I'm using safenet remote windows client. But I have just one trouble, I give each client that connect a single IP identified by his e-mail address and if they are two clients on the same source network, only one can connect to the VPN, the other one has his VPN connection dropped down. if sombody has a great idea for me .. Regard's Claude Here is my isakmpd.conf : # # Soft-PK - OpenBSD isakmpd configuration file. # # The only thing that needs editing is the pre shared secret # 'mekmitasdigoat'. The setting allows everyone who knows the correct # pre shared secret to connect. # # Please mail me if you have any comments or bug-reports. # # Johan Allard <[EMAIL PROTECTED]> # [Phase 1] Default= ISAKMP-clients [Phase 2] Passive-Connections= IPsec-clients # Phase 1 peer sections ####################### [ISAKMP-clients] Phase= 1 Transport= udp Configuration= SoftPK-main-mode Authentication= xxxxxxxxx # Phase 2 sections ################## [IPsec-clients] Phase= 2 Configuration= SoftPK-quick-mode #Local-ID= default-route Local-ID= LAN54 Remote-ID= dummy-remote # Client ID sections #################### [ufqdn/[EMAIL PROTECTED] Address= 192.168.54.15 Netmask= 255.255.255.0 [ufqdn/[EMAIL PROTECTED] Address= 192.168.54.16 Netmask= 255.255.255.0 [ufqdn/[EMAIL PROTECTED] Address= 192.168.54.17 Netmask= 255.255.255.0 [ufqdn/[EMAIL PROTECTED] Address= 192.168.54.18 Netmask= 255.255.255.0 [default-route] ID-type= IPV4_ADDR_SUBNET Network= 0.0.0.0 Netmask= 0.0.0.0 [LAN54] ID-Type= IPV4_ADDR_SUBNET Network= 192.168.54.0 Netmask= 255.255.255.0 [dummy-remote] ID-type= IPV4_ADDR Address= 0.0.0.0 # Transform descriptions ######################## # Some predefined section names are recognized by the daemon, voiding the # need to fully specify the Main Mode transforms and Quick Mode suites, # protocols and transforms. # # For Main Mode: # {DES,BLF,3DES,CAST}-{MD5,SHA}[-{DSS,RSA_SIG}] # # For Quick Mode: # QM-{ESP,AH}[-TRP]-{DES,3DES,CAST,BLF,AES}[-{MD5,SHA,RIPEMD}][-PFS]-SUITE [SoftPK-main-mode] DOI= IPSEC EXCHANGE_TYPE= ID_PROT Transforms= 3DES-MD5 [SoftPK-quick-mode] DOI= IPSEC EXCHANGE_TYPE= QUICK_MODE Suites= QM-ESP-3DES-MD5-SUITE # Main mode transforms ###################### [3DES-MD5] ENCRYPTION_ALGORITHM= 3DES_CBC HASH_ALGORITHM= MD5 AUTHENTICATION_METHOD= PRE_SHARED GROUP_DESCRIPTION= MODP_1024 Life= LIFE_1_DAY # Lifetimes ########### [LIFE_1_DAY] LIFE_TYPE= SECONDS LIFE_DURATION= 86400,79200:93600 -- View this message in context: http://www.nabble.com/VPN-configuration-for-roadwarrior-tf2691887.html#a7506394 Sent from the openbsd user - misc mailing list archive at Nabble.com.