[vpn-help] ipsec-tools generate_policy info ...
Matthew Grooms
mgrooms at shrew.net
Sun Aug 20 22:33:45 CDT 2006
Peter and Brian,
I ran into a problem today with multiple clients behind a NAT device
trying to communicate with the NetBSD VPN Gateway via NATT. After
scratching my head for a bit I remembered that I needed to specify
"generate_policy unique" instead of "generate_policy on" in the
racoon.conf file. The issue will manifest itself by allowing both to
connect but only passing traffic for the first.
Anyhow, I can't remember if this option is available in the version of
ipsec-tools you are running but I noticed you were weren't using
"unique" in your config. Just thought I would mention it :)
Thanks,
-Matthew
More information about the vpn-help
mailing list