[Openswan Users] NAT Traversal and X509 is not working with each other

Stephen Wong stephen.wong at avacue.com
Tue Apr 6 00:11:54 CEST 2004

Hi there,

We have installed the Openswan 2.1.1 with RHEL 3 AS and using SSH Sentinel
1.4 client.  The following weird situation occurred.

1. Connection work well when using X509 for both server and client
authentication with NO NAT.
2. PSK mode work well when client is under NAT.
3. X509 mode does not work when client is under NAT.

For case 3, the Openswan log file keep waiting for MI3 and report "max
number of retransmissions (2) reached STATE_MAIN_R2"

Do anybody ever have such a problem before ?

Thank you so much.

More information about the Users mailing list