<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Also rescued from the spam bucket.<div class=""><br class=""><div><span class="" style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif; color: rgb(127, 127, 127);"><b class="">From: </b></span><span class="" style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif;">"haha " <<a href="mailto:qiluc@qq.com" class="">qiluc@qq.com</a>></span><br class=""><div class=""><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(127, 127, 127, 1.0);" class=""><b class="">Date: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class="">December 14, 2015 at 4:47:10 AM EST<br class=""></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(127, 127, 127, 1.0);" class=""><b class="">To: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class="">"users" <<a href="mailto:users@lists.openswan.org" class="">users@lists.openswan.org</a>><br class=""></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(127, 127, 127, 1.0);" class=""><b class="">Subject: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class=""><b class="">Re: ipsec tunnel doesn't up behined NAT</b><br class=""></span></div><br class=""><br class="">error outputs:<br class="">packet from 172.16.0.164:500: initial Main Mode message received on 192.168.182.103:500 but no connection has been authorized with p<br class="">olicy=PSK<br class=""><div class=""><div class=""><br class=""></div><div class=""><br class=""></div><div style="font-size: 12px;font-family: Arial Narrow;padding:2px 0 2px 0;" class="">------------------ Original ------------------</div><div style="font-size: 12px;background:#efefef;padding:8px;" class=""><div class=""><b class="">From: </b> "haha ";<<a href="mailto:qiluc@qq.com" class="">qiluc@qq.com</a>>;</div><div class=""><b class="">Date: </b> Mon, Dec 14, 2015 05:10 PM</div><div class=""><b class="">To: </b> "users"<<a href="mailto:users@lists.openswan.org" class="">users@lists.openswan.org</a>>; <wbr class=""></div><div class=""></div><div class=""><b class="">Subject: </b> ipsec tunnel doesn't up behined NAT</div></div><div class=""><br class=""></div><span style="text-decoration: underline;" class="">hi experts,<br class="">i setup a ipsec vpn tunnel, it was ok, but after i installed a NAT in between, the tunnel doesn't up again<br class=""><br class="">please see the configruation<br class=""><br class=""><br class="">---------------------------------------------<br class=""><client side><br class="">----------------------------------------------<br class="">ipsec.secrets file:<br class="">192.168.177.1 192.168.182.103 : PSK "abc"<br class=""><br class="">ipsec.conf file:<br class=""><br class="">version 2.0     <br class=""><br class="">config setup<br class="">        plutodebug=all<br class="">        plutostderrlog=/var/log/pluto.log<br class="">        protostack=netkey<br class="">        nat_traversal=yes<br class="">        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/16<br class="">        oe=off<br class=""><br class="">conn to-103<br class="">        authby=secret<br class="">        auto=add<br class="">        ike=3des-md5<br class=""><br class="">        keyexchange=ike<br class="">        phase2=esp<br class="">        phase2alg=3des-md5<br class="">        compress=no<br class="">        pfs=yes<br class="">        type=tunnel<br class="">        left=192.168.177.1<br class="">        leftsubnet=192.168.10.0/24<br class="">        right=192.168.182.103<br class="">        rightsubnet=192.168.182.0/24<br class=""><br class=""><br class="">-------------------------------------------------<br class=""><server side><br class="">-------------------------------------------------<br class="">ipsec.secrets file:<br class="">192.168.182.103 192.168.177.1 : PSK "abc"<br class=""><br class="">ipsec.conf file:<br class=""><br class="">version 2.0     <br class=""><br class="">config setup<br class="">        plutodebug=all<br class="">        plutostderrlog=/var/log/pluto.log<br class="">        protostack=netkey<br class="">        nat_traversal=yes<br class="">        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/16<br class="">        oe=off<br class=""><br class="">conn to-103<br class="">        authby=secret<br class="">        auto=add<br class="">        ike=3des-md5<br class=""><br class="">        keyexchange=ike<br class="">        phase2=esp<br class="">        phase2alg=3des-md5<br class="">        compress=no<br class="">        pfs=yes<br class="">        type=tunnel<br class="">        left=192.168.182.103<br class="">        leftsubnet=192.168.182.0/24<br class="">        leftnexthop=192.168.182.95<br class="">        right=192.168.177.1<br class="">        rightsubnet=192.168.10.0/24<br class=""></span></div><br class=""><br class=""></div></div><br class=""></div></body></html>