[Openswan dev] nat-t openswan interop problem Win2003

Paul Wouters paul at xelerance.com
Tue Jun 5 11:57:42 EDT 2007

On Tue, 5 Jun 2007, David Tauriainen wrote:

> dev-owner at openswan.org wrote:
> > You are not allowed to post to this mailing list, and your message has
> > been automatically rejected.  If you think that your messages are
> > being rejected in error, contact the mailing list owner at
> > dev-owner at openswan.org.
> >
> I sent this message to the mailing list, after I had signed up to the
> mailing list.  Why was it rejected?

Perhaps you mailed too quickly. Or used a different address?

> Hello, I was recently reading
> http://lists.openswan.org/pipermail/dev/2006-January/001213.html
> and its related emails, because of an identical error message "our
> client ID returned doesn't match my proposal".  I was wondering what the
> possible ramifications would be of altering check_net_id() in
> ikev1_quick.c to always return TRUE (I'm not a network coding guru by
> any means).

That's obviously the wrong thing to do.

> If I force a TRUE, my connection establishes over a NAT, but it won't
> with the original code in Openswan versions 2.4.8, 2.4.7, 2.4.6 (only
> ones I tested).

Then that's a bug that needs fixing.

If you can give us a copy of the ipsec.conf and a log of the exchange
that fails (NOT using plutodebug=) and attach it to a bug on bugs.openswan.org,
we'll look into it.


More information about the Dev mailing list