[Openswan Users] NAT-T incorrect behaviours

albert agusti aagusti at serialnet.net
Thu Oct 28 21:17:09 CEST 2004


Is someone taking a look at NAT-T problems I reported some days ago ? As
I said, I have no problem to do a debug session that can help you. In my
scenario I've reproduced 2 different problems related with NAT-T.

1- Responder behind a NAT IS NOT CAPABLE to respond to connections from
a remote end if this is behind a NAT too and the NATTing device FLOATS
UDP ORIGIN PORT to some other port than 500.
This is suposed to be one of NAT TRAVERSAL fetatures and It does not

2-After a correct tunnel is stablished between two hosts behind NAT
(both), if the Initiator reboots (or restarts ipsec) tunnel is NEVER
RECOVERED again until a reboot on Responder side or (ipsec restart) is
Not very clean

Thanks in advance
Albert Agustí

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20041028/c94fa199/attachment.htm

More information about the Users mailing list