[Openswan Users] NAT not needed on both sides
Marcel J.E. Mol
marcel at mesa.nl
Tue Apr 6 21:34:18 CEST 2004
On Tue, Apr 06, 2004 at 06:22:51PM +0200, Jacco de Leeuw wrote:
> Marcel J.E. Mol wrote:
>
> >Same here: openswan 1.0.2 on a non-NATed hostA and NATed hostB.
> >When nat_traversal=yes on both hosts the connection fails.
> >When nat_raversal=no on hostB it works fine.
>
> If A initiates the connection, then you may need to forward UDP port 4500
> on the NAT device to B. NAT-Traversal uses that port.
In my case A is the ipsec 'server' receiving the connections.
Host B are the roadwarriors initation the connections.
So does this mean B does not need special support for nat-t?
-Marcel
--
======-------- Marcel J.E. Mol MESA Consulting B.V.
=======--------- ph. +31-(0)6-54724868 P.O. Box 112
=======--------- marcel at mesa.nl 2630 AC Nootdorp
__==== www.mesa.nl ---____U_n_i_x______I_n_t_e_r_n_e_t____ The Netherlands ____
They couldn't think of a number, Linux user 1148 -- counter.li.org
so they gave me a name! -- Rupert Hine -- www.ruperthine.com
More information about the Users
mailing list