<html><body><div style="color:#000; background-color:#fff; font-family:HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif;font-size:16px"><div id="yui_3_16_0_1_1422741655019_6753" dir="ltr"><span id="yui_3_16_0_1_1422741655019_6755">Hi Noel,</span></div><div id="yui_3_16_0_1_1422741655019_6753" dir="ltr"><span id="yui_3_16_0_1_1422741655019_6754">I tried =no and it seems to work... strange because I tried earlier and charon hanged up !!!</span></div><div id="yui_3_16_0_1_1422741655019_6753" dir="ltr"><span>I will try =never too.</span></div><div id="yui_3_16_0_1_1422741655019_6753" dir="ltr"><span>About two roadwarriors behind same NAT address, do you know if there is a solution ?</span></div><div id="yui_3_16_0_1_1422741655019_6753" dir="ltr"><span>Many thanks,</span></div><div id="yui_3_16_0_1_1422741655019_6753" dir="ltr"><span>Pedro.</span></div> <div class="qtdSeparateBR"><br><br></div><div class="yahoo_quoted" style="display: block;"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div style="font-family: HelveticaNeue, Helvetica Neue, Helvetica, Arial, Lucida Grande, sans-serif; font-size: 16px;"> <div dir="ltr"> <font size="2" face="Arial"> On Saturday, January 31, 2015 10:12 PM, Noel Kuntze <noel@familie-kuntze.de> wrote:<br> </font> </div> <br><br> <div class="y_msg_container"><br clear="none">-----BEGIN PGP SIGNED MESSAGE-----<br clear="none">Hash: SHA256<br clear="none"><br clear="none">Hello Tuarego,<br clear="none"><br clear="none">Try uniqueids=never.<br clear="none"><br clear="none"><br clear="none">Mit freundlichen Grüßen/Regards,<br clear="none">Noel Kuntze<br clear="none"><br clear="none">GPG Key ID: 0x63EC6658<br clear="none">Fingerprint: 23CA BB60 2146 05E7 7278 6592 3839 298F 63EC 6658<br clear="none"><div class="yqt3823451642" id="yqtfd06827"><br clear="none">Am 31.01.2015 um 22:58 schrieb tuarego da silva:<br clear="none">> Hello all,<br clear="none">> We have been using Strongswan to allow our users (students and teachers) to establish vpn sessions to our school. We choose to use IPSec/L2TP due windows and mac native clients... A few months ago we discovered that Strongswan does not support multiple clients behind same NAT address and was a big issue for us because we have students residences where many students try to connect at same time.<br clear="none">> Now we discovered another issue that is, Strongswan does not allow that two users behind different NAT ip addresses but with same private ip address connect at same time.<br clear="none">> In charon log we see:<br clear="none">> Jan 31 17:51:22 16[IKE] deleting duplicate IKE_SA for peer '192.168.1.83' due to uniqueness policy<br clear="none">><br clear="none">> So before trying another solution for VPN we would like to ask if anybody knows if there is way to configure Strongswan in order to use transport mode (L2TP) and bypass this difficulties.<br clear="none">> Best,<br clear="none">> Pedro.</div><br clear="none">><br clear="none">><br clear="none">><br clear="none">> _______________________________________________<br clear="none">> Users mailing list<br clear="none">> <a shape="rect" ymailto="mailto:Users@lists.strongswan.org" href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a><br clear="none">> <a shape="rect" href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br clear="none"><br clear="none">-----BEGIN PGP SIGNATURE-----<br clear="none">Version: GnuPG v2<br clear="none"><br clear="none">iQIcBAEBCAAGBQJUzVM/AAoJEDg5KY9j7GZYx8EP+wSGH9dRoIMe1aECx5LKr0hP<br clear="none">Y4FulMZrLLHSfj96t+/WTH7obL6ovwfKjurLRgaeHu95scOrC6H3nzDTHq9texRj<br clear="none">tCrvvWNKboYRny+YekRx2lT7svfvxfIL1TwZ3dkD68zFNazQN/mHlXHmGK2mR+KM<br clear="none">F5Su8qv6wpioF8uT+KB2NVvJgT2XZ2KQWfRUwqRLkwoOfx/oKXuxEoGGYhbvyLPu<br clear="none">Nexs18n2Oy0IDoPR2oYP/2cadTjvU21S/Si5bJn1mzF/zqe4Jg/3RB8k3rsgVcxn<br clear="none">dyQTLAs8nnEc6/TAZVPjq24HLCF9IkRI8PJSGYtt3XSBw526dnsQJ8RfQLQ1xTEn<br clear="none">yGz6qaf2T1QxrDnzr3TdQyvhm388ZKlecIRO061LivECPFm+LQJEDZFfu5r9asW7<br clear="none">JsaWpgLUBu+eX3OSelyKzOQQakpg7Gqgbmu4MhxvgQmUwW+5Jue5MonSeaxcdfl9<br clear="none">izhmfzY58vW64YJfb2BJ/wRnPwuuv6B7TayqEsjQG9N0jqrRu8dC001WghK3ELgA<br clear="none">MuyHja/bm0Q1TFokyB4iw5No3+HuZHHUnShCM9vgXqWmTNG3XxBs1pnrQ0zxR9B+<br clear="none">StdEba8e6ycnKxnpkgoEsI/+neFxGd6vSr8pQ65jWXAVlZPDX1vICm4+e+ALWZpG<br clear="none">CZ0KO8+tCTlJN/kAgZko<br clear="none">=7xOo<br clear="none">-----END PGP SIGNATURE-----<br clear="none"><br clear="none">_______________________________________________<br clear="none">Users mailing list<br clear="none"><a shape="rect" ymailto="mailto:Users@lists.strongswan.org" href="mailto:Users@lists.strongswan.org">Users@lists.strongswan.org</a><br clear="none"><a shape="rect" href="https://lists.strongswan.org/mailman/listinfo/users" target="_blank">https://lists.strongswan.org/mailman/listinfo/users</a><br><br></div> </div> </div> </div> </div></body></html>