[Openswan dev] openswan 2.4.8 Klips natt psk on kernel 2.4
Mark-Andre Hopf
mhopf at innominate.com
Fri Jul 20 09:08:23 EDT 2007
On Fri 20.07. 13:50, Ioana Tecuceanu wrote:
> I am using openswan 2.4.8 with klips and I am trying to establish an ipsec
> tunnel from a natted server to a non-natted client. I am using pre shared
> keys.
>
> This appears in my log:
> Why the hell is someone passing me a non-ipsec protocol = 17 packet? --
> dropped.
>
> Does anyone know if this is an openswan bug or something like that?
Protocol 17, aka UDP, is used by IPsec NAT-T, a mechanism required to
traverse NAT gateways. When a NAT gateway is detected, the IPsec IKE protocol
(UDP on port 500) and ESP both switch to UDP on port 4500.
You may want to adjust your firewall.
Mark
--
Dipl.-Inf. Mark-André Hopf
Senior Software Engineer
Innominate Security Technologies AG
protecting industrial networks
tel: +49.30.6392-3284
fax: +49.30.6392-3307
Albert-Einstein-Str. 14
D-12489 Berlin, Germany
www.innominate.com
Register Court: AG Charlottenburg, HR B 81603
Management Board: Joachim Fietz, Dirk Seewald
Chairman of the Supervisory Board: Edward M. Stadum
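
The traffic that shares UDP port 4500 once NAT-T is active, as an added example that is not part of the original post or Openswan's code: following RFC 3948, a classifier tells IKE, UDP-encapsulated ESP and NAT-keepalives apart by the first payload bytes. The function and sample names are hypothetical and the sample payloads are constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Payload kinds on UDP port 4500 per RFC 3948 (names are hypothetical). */
enum natt_kind { NATT_INVALID, NATT_KEEPALIVE, NATT_IKE, NATT_ESP };

#define IKE_HDR_LEN 28u  /* fixed ISAKMP/IKE header length */
#define ESP_MIN_LEN 8u   /* SPI (4 bytes) + sequence number (4 bytes) */

/* Classify the UDP payload (the bytes after the 8-byte UDP header). */
enum natt_kind natt_classify(const uint8_t *p, size_t len)
{
    if (p == NULL || len == 0)
        return NATT_INVALID;
    if (len == 1)                          /* NAT-keepalive: single 0xFF byte */
        return p[0] == 0xFF ? NATT_KEEPALIVE : NATT_INVALID;
    if (len < 4)
        return NATT_INVALID;
    if ((p[0] | p[1] | p[2] | p[3]) == 0)  /* non-ESP marker: IKE follows */
        return len >= 4 + IKE_HDR_LEN ? NATT_IKE : NATT_INVALID;
    /* A non-zero first word is the ESP SPI; require data after SPI + seq. */
    return len > ESP_MIN_LEN ? NATT_ESP : NATT_INVALID;
}

const char *natt_name(enum natt_kind k)
{
    static const char *const names[] = { "invalid", "keepalive", "IKE", "ESP" };
    return names[k];
}

/* Constructed sample payloads, not captured traffic. */
const uint8_t sample_keepalive[1] = { 0xFF };
const uint8_t sample_ike[4 + 28]  = { 0, 0, 0, 0, 0x1a, 0x2b }; /* marker + header */
const uint8_t sample_esp[12]      = { 0x12, 0x34, 0x56, 0x78, 0, 0, 0, 1, 0xde, 0xad };
const uint8_t sample_short[3]     = { 0, 0, 0 };

int main(void)
{
    printf("%s\n", natt_name(natt_classify(sample_keepalive, sizeof sample_keepalive)));
    printf("%s\n", natt_name(natt_classify(sample_ike, sizeof sample_ike)));
    printf("%s\n", natt_name(natt_classify(sample_esp, sizeof sample_esp)));
    printf("%s\n", natt_name(natt_classify(sample_short, sizeof sample_short)));
    return 0;
}
```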