[Openswan Users] defining connection
giovanni.m at agilemovement.it
giovanni.m at agilemovement.it
Fri Jun 18 08:10:01 CEST 2004
"John A. Sullivan III" <john.sullivan at nexusmgmt.com> said:
> On Thu, 2004-06-17 at 08:28, giovanni.m at agilemovement.it wrote:
> > Ciao,
> >
> > I'm using superfreeswan with nat-t to connect two servers using
> > certificate-based authentication. It works very well from location A to
> > location B, meaning that from A I can reach clients behind B. I can not get
> > from B to clients behind the gateway A.
> However, I am surprised this is working at all. As far as I know,
> OpenSWAN provides a NAT-T gateway but not a NAT-T client. How does B
> find A across the Internet if A has an address of 192.168.0.1? I know B
> is set to %any so it will accept the packet from the NAT address of A
> but I would think the tunnel end point definitions will not match. Are
> you testing on a local network rather than across the Internet? Then
> again, perhaps something has changed as I have not stayed current with
> *swan development for a while.
OK. You're right on this. I don't think I can go from B to A. I was trying to
do the impossible.
A to B continues to work perfectly, of course.
Giovanni
More information about the Users
mailing list