<html><head><meta http-equiv="Content-Type" content="text/html charset=us-ascii"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">Rescued from the spam bucket, please remember to subscribe to the mailing list before posting to it.<br class=""><div><div class=""><br class=""></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class=""><span class="" style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif; color: rgb(127, 127, 127);"><b class="">From: </b></span><span class="" style="font-family: -webkit-system-font, 'Helvetica Neue', Helvetica, sans-serif;">"haha " <<a href="mailto:qiluc@qq.com" class="">qiluc@qq.com</a>></span></div><div class=""><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(127, 127, 127, 1.0);" class=""><b class="">Date: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class="">December 14, 2015 at 4:10:19 AM EST<br class=""></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(127, 127, 127, 1.0);" class=""><b class="">To: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class="">"users" <<a href="mailto:users@lists.openswan.org" class="">users@lists.openswan.org</a>><br class=""></span></div><div style="margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px;" class=""><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif; color:rgba(127, 127, 127, 1.0);" class=""><b class="">Subject: </b></span><span style="font-family: -webkit-system-font, Helvetica Neue, Helvetica, sans-serif;" class=""><b class="">ipsec tunnel doesn't up behined NAT</b><br class=""></span></div><br class=""><br class=""><span style="text-decoration: underline;" class="">hi experts,<br class="">i setup a ipsec vpn tunnel, it was ok, but after i installed a NAT in between, the tunnel doesn't up again<br class=""><br class="">please see the configruation<br class=""><br class=""><br class="">---------------------------------------------<br class=""><client side><br class="">----------------------------------------------<br class="">ipsec.secrets file:<br class="">192.168.177.1 192.168.182.103 : PSK "abc"<br class=""><br class="">ipsec.conf file:<br class=""><br class="">version 2.0     <br class=""><br class="">config setup<br class="">        plutodebug=all<br class="">        plutostderrlog=/var/log/pluto.log<br class="">        protostack=netkey<br class="">        nat_traversal=yes<br class="">        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/16<br class="">        oe=off<br class=""><br class="">conn to-103<br class="">        authby=secret<br class="">        auto=add<br class="">        ike=3des-md5<br class=""><br class="">        keyexchange=ike<br class="">        phase2=esp<br class="">        phase2alg=3des-md5<br class="">        compress=no<br class="">        pfs=yes<br class="">        type=tunnel<br class="">        left=192.168.177.1<br class="">        leftsubnet=192.168.10.0/24<br class="">        right=192.168.182.103<br class="">        rightsubnet=192.168.182.0/24<br class=""><br class=""><br class="">-------------------------------------------------<br class=""><server side><br class="">-------------------------------------------------<br class="">ipsec.secrets file:<br class="">192.168.182.103 192.168.177.1 : PSK "abc"<br class=""><br class="">ipsec.conf file:<br class=""><br class="">version 2.0     <br class=""><br class="">config setup<br class="">        plutodebug=all<br class="">        plutostderrlog=/var/log/pluto.log<br class="">        protostack=netkey<br class="">        nat_traversal=yes<br class="">        virtual_private=%v4:10.0.0.0/8,%v4:192.168.0.0/16,%v4:172.16.0.0/16<br class="">        oe=off<br class=""><br class="">conn to-103<br class="">        authby=secret<br class="">        auto=add<br class="">        ike=3des-md5<br class=""><br class="">        keyexchange=ike<br class="">        phase2=esp<br class="">        phase2alg=3des-md5<br class="">        compress=no<br class="">        pfs=yes<br class="">        type=tunnel<br class="">        left=192.168.182.103<br class="">        leftsubnet=192.168.182.0/24<br class="">        leftnexthop=192.168.182.95<br class="">        right=192.168.177.1<br class="">        rightsubnet=192.168.10.0/24<br class=""></span><br class=""><br class=""></div></div><br class=""></body></html>