[Openswan Users]
Re: [NAT-T] one side thinks "established", the other...doesn't.
pw at linuxops.net
pw at linuxops.net
Fri Jul 2 13:06:57 CEST 2004
Quoting Marcus Better <marcus+keyword+openswan.0a8cde at dactylis.com>:
>
> Ferdinand O. Tempel wrote:
>
> > However, looking on the other end (10.100.100.1, server), it doesn't get
> > any further than STATE_QUICK_R1:
>
> It's the exact same problem I have with NAT (see
> http://lists.openswan.org/pipermail/users/2004-June/001458.html).
>
> It seems that either something changed in Openswan, or in recent 2.6
> kernels.
>
> I would be very interested in any solutions.
Oi, indeed exactly the same problem. I must have missed your post, else a "me
too!" would have sufficed. You're also using 2.6.6, and you have been using
openswan-2.1.2 in both the working and non-working situations, right? So, it'd
be safe to say that this is likely a kernel issue rather then a pluto thing.
Does anyone on this list have NAT-T on 2.6 working, and would that someone be so
kind to post his kernel revision, so I can try to get a working state? And maybe
go from there with tracking down the change that breaks things. In fact, has
anyone actually gotten NAT-T to work with 2.6/openswan *at all*? And was that
with a 2.6 initiator/responder or was 2.4 somewhere in play still? Or racoon,
maybe? Details, I need details, so I can get this working, so I can test if my
changes to KLIPS make NAT-T work for 2.6/KLIPS too :)
----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.
More information about the Users
mailing list