[Openswan Users] VPN Client thru Alcatel Modem
Leonard Tulipan
l.tulipan at mpwi.at
Wed May 19 17:30:21 CEST 2004
Hi!
After a lot of debugging, I am finally stranded.
We have the followin setup
10.0.0.1 VPN Client
|
|
Alcatel DSL Router Speedtouch 510
Changing IP's
|
|
X.X.X.X Linux VPN Firewall
|
|
192.168.118.* Private Net behind FW
Ok, nothing interesting.
Now, when I trace VPN Connections with tcpdump, I see
client:UDPPort500 -> server:Port500 ISAKMP Phase 1, 2, etc
So Packets ALWAYS come from Port 500 and go to Port 500
I also checked the VPN client it also behaves well and has Port 500 as
src_port
But the Alcatel Router (after getting the firewall-config to let the
corresponding traffic thru) changes all that, so that I get packets
looking like
dslrouter:UDPPort(Random between 19000 and 20000) -> server:Port500
This does not work!
Is THIS the one reason I need the NAT-T Patch, or can I somehow get the
server to accept packages, even though, the src_port isn't correct?
Cheers
Leonard
More information about the Users
mailing list