[Openswan Users] NAT-T and ipsec.conf

Dave Harrison David.Harrison at sensorynetworks.com
Thu Sep 2 18:24:30 CEST 2004

I have managed to get the two boxes to talk to each other (well sort of
;-) ) by using RSA keys.

However, machine 1 (see my last diagram) thinks the SA is completed and
happily sits there, but machine 2 gives me a
"route-client command exited with status 7"
and sits there looping for a while, then says that the other side must
not have liked any of the offers and bails.

Oddly enough, when I `ipsec auto --up ..` either side they say that
there was "no NAT detected" when I'm most definitely NAT'ing the traffic
from machine 1.

Anyway, if you can give me any suggestions I'd really appreciate it.


Dave Harrison, Systems Administrator, Sensory Networks
    email:          David.Harrison at sensorynetworks.com
    phone:          [W] +61-2-8302-2700 
    fingerprint:    E29F 2D6A FA27 5B0B B429  F8D3 5318 22D6 E775 2241

More information about the Users mailing list