[Openswan Users] Newbie NAT question

Colin Johnston colinj at mx5.org.uk
Mon Nov 22 13:45:33 CET 2004


Hi,
On related issue. How does one enable Openswan 2.2.0 with linux suse 2.6.5
 for a road warrior in India on a NAT connection.

See below for log of connection
Nov 23 00:12:54 vpnhost pluto[5732]: | peer client is 10.20.58.85
Nov 23 00:12:54 vpnhost pluto[5732]: | peer client protocol/port is 17/1701
Nov 23 00:12:54 vpnhost pluto[5732]: | our client is 212.219.10.135
Nov 23 00:12:54 vpnhost pluto[5732]: | our client protocol/port is 17/1701
Nov 23 00:12:54 vpnhost pluto[5732]: "road3dynamic"[10] 202.131.115.149
#239: cannot respond to IPsec SA
request because no connection is known for
212.219.10.135:17/1701...202.131.115.149[10.20.58.85]:17/1701=
==10.20.58.85/32
Nov 23 00:12:54 vpnhost pluto[5732]: "road3dynamic"[10] 202.131.115.149
#239: sending encrypted notificat
ion INVALID_ID_INFORMATION to 202.131.115.149:500
Nov 23 00:12:54 vpnhost pluto[5732]: | state transition function for
STATE_QUICK_R0 failed: INVALID_ID_IN
FORMATION

See below for ipsec.conf info
conn road3dynamic
        type=passthrough
        authby=secret
        pfs=no
        left=212.219.10.135
        leftprotoport=17/1701
        right=%any
        rightprotoport=17/1701
        auto=add
        keyingtries=3


Ideas please ?? Thanks in advance

Colin Johnston
TTL



More information about the Users mailing list