On Sun, 15 Nov 2015, Tom Robinson wrote:
My other question was about having both IKEv2 and IPSec/L2TP connection definitions on the same VPN server. Is that possible on 3.13 (or any version)? I noticed with my L2TP connection sometimes responded to the IKEv2 client request.
Note that pluto uses "connection switching". It will pick a matching connection, and will refine it during the negotiation when more information comes in. So it is perfectly normal if you have two type of roadwarrior connections, that it seems to pick the "wrong one" at first. It should switch to the right one later on. You might help things a bit by more clearly seperating your two connections by using ikev2=never for the l2tp connection and ikev2=insist for the non-l2tp connection. That should help pluto make the right decision on the first received packet that will state if it is an ikev1 or ikev2 packet. Paul _______________________________________________ Swan mailing list Swan@lists.libreswan.org https://lists.libreswan.org/mailman/listinfo/swan
