[Openswan Users] udp/4500 (NAT-T) blocking by my (common?) WLAN-Router (cont'd)

Jacco de Leeuw jacco2 at dds.nl
Sun Oct 24 18:30:52 CEST 2004


Andreas Kemper wrote:

> I started two parallel Ethereal sessions. One right on the OSW-GW, the other
> on a second laptop, connected in parallel (via ethernet hub) to the Wintendo
> client.

It isn't clear to me if your client is connected directly to the router or if
they are connected over the Internet. In the latter case, perhaps your ISP is
blocking VPN ports? They sometimes do that to promote their more expensive
"business" subscriptions...

> SMC 2808 WBR (previously the 802.11b-only version, which seemed to have the
> same problem)

You mean the SMC 2804 WBR, right? My user group has one of those. If time
allows I will try to connect through it.

> I just though about it, since at least Sentinel has some kind of port
> selection option for NAT-T, even though I don't know if this is RFC-conform.

Sentinel's option "UDP encapsulation to port xxxx" is non-standard. It is not
supported by the original NAT-T patch. I've not tested with the native IPsec
in kernel 2.6 but I doubt it is supported.

Jacco
-- 
Jacco de Leeuw                         mailto:jacco2 at dds.nl
Zaandam, The Netherlands           http://www.jacco2.dds.nl


More information about the Users mailing list