[Openswan Users] NAT-T incorrect behaviours

albert agusti aagusti at serialnet.net
Thu Oct 28 21:17:09 CEST 2004


Hello,

Is someone taking a look at NAT-T problems I reported some days ago ? As
I said, I have no problem to do a debug session that can help you. In my
scenario I've reproduced 2 different problems related with NAT-T.

1- Responder behind a NAT IS NOT CAPABLE to respond to connections from
a remote end if this is behind a NAT too and the NATTing device FLOATS
UDP ORIGIN PORT to some other port than 500.
This is suposed to be one of NAT TRAVERSAL fetatures and It does not
work.

2-After a correct tunnel is stablished between two hosts behind NAT
(both), if the Initiator reboots (or restarts ipsec) tunnel is NEVER
RECOVERED again until a reboot on Responder side or (ipsec restart) is
isued.
Not very clean

Thanks in advance
Albert Agustí



-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.openswan.org/pipermail/users/attachments/20041028/c94fa199/attachment.htm


More information about the Users mailing list