IPSec multiple mobile clients
andygi last edited by
I have a VPN setup for incoming mobile clients using mode config and Xauth.
There is an IP pool assigned - 192.168.2.0/28.
This seems to generate a racoon.conf with a mode_cfg entry as:
With this I see that I can connect with one client, but can never get
a second mobile device to connect.
The IPsec SPD status shows the link to be 0.0.0.0/0 <-> 192.168.2.1/28.
A second attempt adds 0.0.0.0/0 <-> 192.168.2.2/28 but no traffic will
flow to the second machine. This looks to be a routing issue.
If I change the netmask in the racoon.conf file to be 255.255.255.255 then
I see that multiple clients can connect and traffic will flow correctly. The
SPD entries become 0.0.0.0/0 <-> 192.168.2.1/32, etc.
I think that the GUI is creating an incorrect mode_cfg netmask entry in racoon.conf?
Anybody else come across this?
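
Added example, not part of the original post: a small Python check that reads SPD lines in the "local <-> remote" form quoted above and reports clients whose remote selectors cover the same addresses. The sample lines are constructed from the post's values, and the function names are hypothetical; with the /28 mask both entries span 192.168.2.0/28, while /32 gives each client its own selector.

```python
import ipaddress
from itertools import combinations

# Constructed sample data in the "local <-> remote" form quoted in the post.
SPD_WITH_28 = [
    "0.0.0.0/0 <-> 192.168.2.1/28",
    "0.0.0.0/0 <-> 192.168.2.2/28",
]
SPD_WITH_32 = [
    "0.0.0.0/0 <-> 192.168.2.1/32",
    "0.0.0.0/0 <-> 192.168.2.2/32",
]


def remote_selector(line):
    """Return (client_ip, covered_network) for the remote side of one entry."""
    _local, _, remote = line.partition("<->")
    iface = ipaddress.ip_interface(remote.strip())
    # iface.network masks off the host bits: 192.168.2.1/28 -> 192.168.2.0/28
    return iface.ip, iface.network


def overlapping_selectors(lines):
    """List pairs of clients whose remote selectors share addresses."""
    parsed = [remote_selector(l) for l in lines if "<->" in l]
    conflicts = []
    for (ip_a, net_a), (ip_b, net_b) in combinations(parsed, 2):
        if net_a.overlaps(net_b):
            conflicts.append((str(ip_a), str(ip_b), str(net_a), str(net_b)))
    return conflicts


if __name__ == "__main__":
    for label, spd in (("/28", SPD_WITH_28), ("/32", SPD_WITH_32)):
        found = overlapping_selectors(spd)
        print(label, "overlaps:", found or "none")
```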