Closed ShyLionTjmn closed 4 years ago
It's a lowest common denominator issue with strongswan and libreswan.
With strongswan , a restart and load of the the config file is done with the following:
/usr/sbin/ipsec restart --conf /var/run/nm-l2tp-UUID/ipsec.conf --debug
With libreswan, it is like so:
/usr/sbin/ipsec restart
/usr/sbin/ipsec auto --config /var/run/nm-l2tp-UUID/ipsec.conf --verbose --add UUID
With strongswan there is no way to load a connection config files after it is restarted, so no way to load multiple connection config files. libreswan doesn't have the issue.
Uh.. both of connections i try do not use ipsec at all
Apr 20 14:13:37 lion-msi NetworkManager[1218]:
appears in syslog.conf when i click it after connected to first one.
Although it could be implemented with libreswan, but I never did because it is not possible with strongswan, I forgot about xl2tpd
NetworkManager-l2tp starts a local instance of xl2tpd with the config file as one of the arguments. /usr/sbin/xl2tpd-control
could be used to provide the config files, but earlier versions suffer from buffer overrun segmentation faults, so I never looked into it.
So, you can't launch two xl2tpd's?
See "Issue with not stopping system xl2tpd service" which describes potential problems of having more than one instance of xl2tpd running :
Okay, but, suppose my Cisco router is okay with ephemeral source port, how do i enable multiple connections support? it there some config file for nm-l2tp plugin?
You would need to modify the source code.
You could use the system xl2tpd and /usr/sbin/xl2tpd-control
with the generated xl2tpd.conf and ppp-options files
Actually with xl2tpd-control
, you can't directly use an unmodified ppp-options file as it uses a NetworkManager-l2tp plugin for the authentication.
You would need to modify the source code.
ouch... that's too much for me :) well, thanks for help, anyway!
version 1.2.16
anything i can do to make it work with multiple connections at once?