[Openswan Users] NAT-T sucess and failure

Lewis Shobbrook lshobbrook at fasttrack.net.au
Fri Apr 30 18:17:16 CEST 2004

Hi All,

>From an exhaustive struggle to get NAT-T working with the 2.6.5 native
ipsec stack & openswan 2.1.x, I've found the following to be true.
NAT-T with Win XP client works when the client only is NAT'd.  When the
freeswan box is NAT'd, the connection fails immediately after MR3,
ISAKMP SA established... With "cannot respond to IPsec SA request
because no connection is known".  When both client and swan box are
NAT'd we get no further than transition from state STATE_MAIN_R1 to
state STATE_MAIN_R2.  

Can anyone dispute these results or concord?



More information about the Users mailing list