[Openswan Users] [NAT-T] Problem when the server is NATed
Jacco de Leeuw
jacco2 at dds.nl
Fri Jun 25 16:50:42 CEST 2004
Gabriele Buscone wrote:

> I'm trying to set up a VPN connection between a Win2000/XP machine with
> an Openswan server.
> I succeeded in doing this when the client and the server aren't NATed or
> when only the client is NATed; but when the server is behind NAT, even if
> the client is not NATed, I got an error.

I haven't tested a NATed server myself yet. But I do know that you need
to forward UDP port 4500 from the NAT router to the Openswan server.

> conn road
> # The remote user.
> #
> right=%any
> rightprotoport=17/1701
> rightrsasigkey=%cert

There does not seem to be a rightcert= or rightid= statement. Are you
sure this connection loads OK?

> rightsubnet=vhost:%no,%priv,%all

%all is only recommended for testing purposes.

> conn road2
> leftprotoport=17/4500
> rightprotoport=17/4500

This connection is bogus. You should probably disable it.

Jacco
--
Jacco de Leeuw mailto:jacco2 at dds.nl
Zaandam, The Netherlands http://www.jacco2.dds.nl