From 03a43159d8054a22ff6849db3cb75085d87978ce Mon Sep 17 00:00:00 2001
From: Sheng Yang <sheng.yang@citrix.com>
Date: Thu, 30 Oct 2014 17:23:34 -0700
Subject: [PATCH] CLOUDSTACK-7821: Fix OSX cannot connect to VPN due to wrongly
 declaim ENCAPSULATION_MODE_UDP_TRANSPORT_RFC

OSX always declaims it's behind NAT no matter it's true or not, thus result in
confusion of openswan.

Add parameter "forceencaps=yes" to openswan to make sure non NAT VPN connection
from OSX can pass through.
---
 systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf | 1 +
 1 file changed, 1 insertion(+)

diff --git a/systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf b/systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf
index 7459e259a4e..1cdd69d0d0b 100644
--- a/systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf
+++ b/systemvm/patches/debian/vpn/etc/ipsec.d/l2tp.conf
@@ -30,4 +30,5 @@ conn L2TP-PSK
         # ----------------------------------------------------------
         # Change 'ignore' to 'add' to enable this configuration.
         #
+        forceencaps=yes
         auto=add