nm-l2tp / NetworkManager-l2tp

L2TP and L2TP/IPsec support for NetworkManager
GNU General Public License v2.0

fixes state when server is behind NAT #37

Closed fstronin closed 7 years ago

fstronin commented 7 years ago

I spent many hours trying to establish a connection to my VPN server, which is behind NAT. Strongswan rejects the connection with the message "IDir '172.30.20.83' does not match to '...' ". My fix just tells strongswan to disable the check.

fstronin commented 7 years ago

Also, it seems to me that the pull request will also fix the issue - https://github.com/nm-l2tp/network-manager-l2tp/issues/36

dkosovic commented 7 years ago

Is the right=%%any option really needed, as it gets overridden further down on the following line? https://github.com/nm-l2tp/network-manager-l2tp/blob/master/src/nm-l2tp-service.c#L697

I believe the Sonicwall VPN server needs the Gateway ID (i.e. rightid) to be set to something other than %%any, hence why there is a Gateway ID text box in IPsec config dialog box. This is before my time and I don't have access to a Sonicwall VPN server.

I can confirm your rightid=%%any code modification works with my VPN server, but I would probably modify the code so that rightid=%%any only when the value associated with NM_L2TP_KEY_IPSEC_GATEWAY_ID hasn't been set.

dkosovic commented 7 years ago

Also just for confirmation, this fixes "_received DELETE for IKESA" as mentioned in issue https://github.com/nm-l2tp/network-manager-l2tp/issues/36?

fstronin commented 7 years ago

Yes it fixes the issue too.

fstronin commented 7 years ago

As I remember, strongswan tries to send this request if the identifiers do not match.

fstronin commented 7 years ago

Ok, I see what you mean. I will try to do the required modifications soon.

fstronin commented 7 years ago

Ok, the modification is done.
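
Added example, not part of the thread or the plugin's source: one way to implement the suggestion above of emitting rightid=%any only when no Gateway ID has been set, so that a configured Gateway ID still enforces the identity check. The function name, the constructed sample values and the line-break check are assumptions of this sketch.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not the plugin's code: writes the rightid line of an
 * ipsec.conf conn section into buf. Returns the length written, or -1 if the
 * value is unusable or buf is too small. */
int format_rightid(char *buf, size_t len, const char *gateway_id)
{
    int n;

    if (gateway_id == NULL || gateway_id[0] == '\0') {
        /* Gateway ID not set: "%%" in the format string emits a literal
         * "%any", which tells strongSwan to accept whatever IDr the
         * gateway sends (e.g. its private address behind NAT). */
        n = snprintf(buf, len, "  rightid=%%any\n");
    } else {
        /* Gateway ID set by the user: keep the identity check. Refuse
         * line breaks so the value cannot add extra config lines. */
        if (strpbrk(gateway_id, "\r\n") != NULL)
            return -1;
        /* Pass the value as an argument, never as the format string. */
        n = snprintf(buf, len, "  rightid=%s\n", gateway_id);
    }
    return (n < 0 || (size_t)n >= len) ? -1 : n;
}

int main(void)
{
    /* Constructed sample values. */
    const char *samples[] = { NULL, "", "@vpn.example.com", "a\nleftid=x" };
    char line[128];

    for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        if (format_rightid(line, sizeof line, samples[i]) < 0)
            puts("  (rejected)");
        else
            fputs(line, stdout);
    }
    return 0;
}
```

With rightid=%any the gateway's identity is no longer compared against a configured value, so the connection's authentication rests on the pre-shared key or certificate alone.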