[Openswan Users] vpn server in a LAN and DNAT

Tomasz Grzelak tgrzelak at wktpolska.com.pl
Mon Dec 20 12:49:34 CET 2004


Greetings!

Does anyone know how to configure OpenSwan 2.2.0 as a VPN server with a
private IP that roadwarrior XP clients can connect to? There is a Linux
router with a public IP between a client and the server, forwarding UDP
ports 500 & 4500 to the server. The situation looks like this:

client --- (internet) --- pub_IP (DNAT) --- priv_IP (OpenSwan)

Both the router and the server are running Debian 3.0 + kernel 2.6.9.

A client connects to the pub_IP of course. The VPN server establishes an SA with
a client (NAT-T), but the rest of the communication fails.
Has anyone configured such a topology successfully?
If so could you send me your ipsec.conf, please?
And if anyone wanted to help, I could send some more info, meaning the log and my
config files.

TIA
Tom

