Closed fstronin closed 7 years ago
Also, it seems for me that the pull-request also will fix the issue - https://github.com/nm-l2tp/network-manager-l2tp/issues/36
Is the right=%%any
option really needed as it gets overridden further down on the following line ?
https://github.com/nm-l2tp/network-manager-l2tp/blob/master/src/nm-l2tp-service.c#L697
I believe the Sonicwall VPN server needs the Gateway ID (i.e. rightid
) to be set to something other than %%any
, hence why there is a Gateway ID text box in IPsec config dialog box. This is before my time and I don't have access to a Sonicwall VPN server.
I can confirm your rightid=%%any
code modification works with my VPN server, but I would probably modify the code so that rightid=%%any
only when the value associated with NM_L2TP_KEY_IPSEC_GATEWAY_ID
hasn't been set.
Also just for confirmation, this fixes "_received DELETE for IKESA" as mentioned in issue https://github.com/nm-l2tp/network-manager-l2tp/issues/36 ?
Yes it fixes the issue too.
As I remember strongswan tries to send this request if identifiers are not match.
Ok, I see what you mean. I will try to do required modifications soon.
Ok, modification is done.
I spent many hours to establish a connection to my VPN server which is behind NAT. Strongswan rejects connection with the message "IDir '172.30.20.83' does not match to '...' " . My fix just tells strongswan to disable the check.