<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=iso-8859-15">
<META content="MSHTML 6.00.2900.3354" name=GENERATOR></HEAD>
<BODY style="MARGIN: 4px 4px 1px; FONT: 10pt Tahoma">
<DIV>I have an Openswan server trying to connect to a Novell BorderManager server. the latter is current V3.9.1. The OpenSwan server has NAT enabled between an internal 192.168.3.0 net and external 192.168.101.0 net, this is then attached to a cisco router with NAT (internal 192.168.101.1 external 213.246.191.115). I have IPSec enabled in the firewall (UDP 500, UDP 4500, TCP\UDP 353 and ESP - all these are NATted on all the cisco boxes as well)</DIV>
<DIV> </DIV>
<DIV>At the other end there is a cisco router with NAT 192.168.100.1 (external 213.246.173.52) pointing to a Bordermanager server 192.168.100.254 and internal 192.168.2.0 (no NAT).</DIV>
<DIV> </DIV>
<DIV>Several strange things happen. If the tunnel is initialised by OpenSwan, it connects, and the BM server can see a protected network (I think 192.168.101.1). If the connection is initiated by BM the connection fails, the Openswan server seems to reject the connection. BM server never gets passed SHA-1 status which is incorrect because it is all MD5. The VPN dies eventually because the BM server tries to restart it if the line glitches.</DIV>
<DIV> </DIV>
<DIV>The VPN never completes as far as BM goes, it shows as pending. Can't ping from one to the other. Have tried adding a second connection but must have done that wrong because it blows everything away.</DIV>
<DIV> </DIV>
<DIV>barf is attached.</DIV>
<DIV> </DIV>
<DIV>This is my first attempt at any of this so if it is rubbish I apologise.</DIV>
<DIV> </DIV>
<DIV>Max</DIV><BR>
<div class="Section1">
<!--StartFragment-->
<p>
<font face="Times New Roman">
*****************************************************************************
</font>
</p>
<p>
<font face="Times New Roman">The information contained in this e-mail
is intended only for the individual </font>
</p>
<p>
<font face="Times New Roman"><span class="GramE">
or</span> entity to whom it is addressed. Its contents (including any
attachments) are </font>
</p>
<p>
<font face="Times New Roman"><span class="GramE">
confidential</span> and may contain privileged information. </font>
</p>
<p class="MsoNormal">
<font face="Times New Roman"><o p="#DEFAULT">
 </o></font>
</p>
<p>
<font face="Times New Roman">If you are not an intended recipient you
must not use, disclose, </font>
</p>
<p>
<font face="Times New Roman"><span class="GramE">
disseminate</span>, copy or print its contents. If you receive this
email in error, </font>
</p>
<p>
<font face="Times New Roman"><span class="GramE">
please</span> delete and destroy the message and notify the sender by
reply email. </font>
</p>
<p>
<font face="Times New Roman">
******************************************************************************
</font>
</p>
<p class="MsoNormal">
<font face="Times New Roman"><o p="#DEFAULT">
 </o></font>
</p>
<p>
<font face="Times New Roman"><span class="SpellE">
Quantus</span> is a trading name of Talos Limited, registered in <st1 w="#DEFAULT" city="#DEFAULT" st="on"><st1 w="#DEFAULT" place="#DEFAULT" st="on">
Cardiff</st1></st1>, Wales No<span class="GramE">:2210727</span> </font>
</p>
<p>
<font face="Times New Roman">Registered Office: Prospect House, 20
High Street, <span class="SpellE">Westerham</span>, <st1 w="#DEFAULT" place="#DEFAULT" st="on"><st1 w="#DEFAULT" city="#DEFAULT" st="on">
Kent</st1>, <st1 w="#DEFAULT" postalcode="#DEFAULT" st="on">TN16 1RG</st1></st1>
</font>
</p>
<p style="margin-bottom: 12pt" class="MsoNormal">
<font face="Times New Roman"><br>
<br>
<br>
</font>
</p>
<font face="Times New Roman"><!--EndFragment-->
</font> </div>
</BODY></HTML>