IPSec multiple mobile clients

  • I have a VPN setup for incoming mobile clients using mode config and Xauth.
    There is an IP pool assigned -
    This seems to generate a racoon.conf with a mode_cfg entry as:

    auth_source system;
    group_source system;
    pool_size 13;

    With this I see that I can connect with one client, but can never get
    a second mobile device to connect.

    The IPsec SPD status shows the link to be <->
    A second attempt adds <-> but no traffic will
    flow to the second machine. This looks to be a routing issue.

    If I change the netmask in the racoon.conf file to be then
    I see that multiple clients can connect and traffic will flow correctly. The
    SPD entries become <->, etc.
    I think that the GUI is creating an incorrect mode_cfg netmask entry in racoon.conf?

    Anybody else come across this?

Log in to reply