I have two Peers with the address 0.0.0.0/0 that I use for RoadWarriors. Some use IPSec over L2TP and some just use IPSec. The problem is that when I use the peers as listed below, either one or the other works, but not both, I think because they are both matching somehow… I tested both independently by disabling the other and they work fine… Also, if I set the IPSec one to aggressive (also on the client), then they both work.
How should I fix this problem? Thanks.
0 ;;; L2TP/IPSec
address=0.0.0.0/0 passive=no port=500 auth-method=pre-shared-key
secret="1234" generate-policy=port-override
exchange-mode=main-l2tp send-initial-contact=no nat-traversal=yes
hash-algorithm=sha1 enc-algorithm=3des dh-group=modp1024 lifetime=1d
dpd-interval=2m dpd-maximum-failures=5
1 ;;; IPSec
address=0.0.0.0/0 passive=yes port=500 auth-method=pre-shared-key-xauth
secret="1234" generate-policy=port-override
policy-group=roadwarrior exchange-mode=main
mode-cfg=roadwarrior-config send-initial-contact=no nat-traversal=yes
proposal-check=obey hash-algorithm=md5 enc-algorithm=3des
dh-group=modp1024 lifetime=1d lifebytes=0 dpd-interval=2m
dpd-maximum-failures=5
-Eric